5610 matches found

Positive Technologies
added 2025/05/29 12:0 a.m. · 3 views

PT-2025-23222 · Phpoffice · Phpoffice Math

Name of the Vulnerable Software and Affected Versions: PHPOffice Math versions prior to 0.3.0 Description: The issue allows an attacker to create a special XML file that, when processed, loads external entities, enabling the reading of local server files. This is due to the use of the libxml...

CVSS 8.7 · AI score 6.1 · EPSS 0.00417
Exploits 0 · References 12
Vulnrichment
added 2025/05/28 1:32 p.m. · 24 views

CVE-2025-48734 Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default...

AI score 7.7 · EPSS 0.01495
Exploits 1 · References 1
The Hacker News
added 2025/05/28 11:0 a.m. · 39 views

Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System CMS to deploy multiple payloads, including a cryptocurrency miner, a loader dubbed Mimo Loader, and residential proxyware. The...

CVSS 10 · AI score 10 · EPSS 0.99999
Exploits485
SUSE CVE
added 2025/05/28 3:22 a.m. · 4 views

SUSE CVE-2025-5200

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFileQuake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible to launch the attac...

CVSS 3.3 · AI score 3.2 · EPSS 0.00221
Exploits 1 · References 3
SUSE CVE
added 2025/05/28 3:22 a.m. · 4 views

SUSE CVE-2025-5201

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function LWOImporter::CountVertsAndFacesLWO2 of the file assimp/code/AssetLib/LWO/LWOLoader.cpp. The manipulation leads to out-of-bounds read. The attack needs to be...

CVSS 7.8 · AI score 3.2 · EPSS 0.00221
Exploits 1 · References 3
CNNVD
added 2025/05/28 12:0 a.m. · 3 views

Apache Commons Access Control Error Vulnerability

Apache Commons is an Apache project of the Apache USA Foundation that focuses on various aspects of reusable Java components. An Access Control Error vulnerability exists in Apache Commons that stems from improper access control and could allow an attacker to access the class loader via the...

CVSS 8.8 · AI score 6.8 · EPSS 0.01495
Exploits 1 · References 6
AlpineLinux
added 2025/05/26 9:15 p.m. · 5 views

CVE-2025-5204

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::ParseSkinLump3DGSMDL7 of the file assimp/code/AssetLib/MDL/MDLMaterialLoader.cpp. The manipulation leads to out-of-bounds read. Attacking locally is a...

CVSS 7.8 · AI score 7.3 · EPSS 0.00221
Exploits 1 · References 6
Snyk
added 2025/05/26 8:49 p.m. · 1 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read through the MDLImporter::ParseSkinLump3DGSMDL7 function, an external file reference/strings without null terminator can allow an attacker to read data beyond the allocated buffer. Remediation There is no fixed version...

CVSS 7.8 · AI score 6.9 · EPSS 0.00221
Exploits 1 · References 2
AlpineLinux
added 2025/05/26 8:15 p.m. · 6 views

CVE-2025-5202

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function HL1MDLLoader::validateheader of the file assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to out-of-bounds read. An...

CVSS 7.8 · AI score 7.3 · EPSS 0.00221
Exploits 1 · References 6
OSV
added 2025/05/26 8:15 p.m. · 5 views

DEBIAN-CVE-2025-5202

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function HL1MDLLoader::validateheader of the file assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to out-of-bounds read. An...

CVSS 7.8 · AI score 3.7 · EPSS 0.00221
Exploits 1 · References 1
Snyk
added 2025/05/26 7:48 p.m. · 1 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to the HL1MDLLoader::validateheader function, which doesn't check the file size before trying to access the buffer/header. An attacker can read data outside the intended buffer boundaries by manipulating the input...

CVSS 7.8 · AI score 6.8 · EPSS 0.00221
Exploits 1 · References 2
AlpineLinux
added 2025/05/26 7:15 p.m. · 3 views

CVE-2025-5200

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFileQuake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible to launch the attac...

CVSS 7.8 · AI score 7.2 · EPSS 0.00221
Exploits 1 · References 6
OSV
added 2025/05/26 7:15 p.m. · 2 views

UBUNTU-CVE-2025-5200

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFileQuake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible to launch the attac...

CVSS 7.8 · AI score 4.8 · EPSS 0.00221
Exploits 1 · References 8
Snyk
added 2025/05/26 6:45 p.m. · 2 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read through the MDLImporter::InternReadFileQuake1 function. An attacker can read data outside the intended buffer boundaries by manipulating the input data to the function. Remediation There is no fixed version for assimp...

CVSS 7.8 · AI score 4.5 · EPSS 0.00221
Exploits 1 · References 2
OSV
added 2025/05/26 1:15 p.m. · 2 views

CVE-2025-5186

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...

CVSS 8.8 · AI score 6.9
Exploits 0 · References 4
Cvelist
added 2025/05/26 1:0 p.m. · 11 views

CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...

CVSS 6.5 · EPSS 0.00387
Exploits 1 · References 4
AlpineLinux
added 2025/05/26 5:15 a.m. · 5 views

CVE-2025-5169

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

CVSS 5.5 · AI score 7.3 · EPSS 0.00208
Exploits 1 · References 6
OSV
added 2025/05/26 5:15 a.m. · 5 views

DEBIAN-CVE-2025-5169

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

CVSS 5.5 · AI score 3.5 · EPSS 0.00208
Exploits 1 · References 1
OSV
added 2025/05/26 5:15 a.m. · 5 views

UBUNTU-CVE-2025-5169

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

CVSS 5.5 · AI score 4.9 · EPSS 0.00208
Exploits 1 · References 8
OSV
added 2025/05/26 4:15 a.m. · 4 views

PYSEC-2025-175

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function MDLImporter::ImportUVCoordinate3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument iIndex leads to out-of-bound...

CVSS 5.5 · AI score 4.7 · EPSS 0.00208
Exploits 1 · References 6