EUVD-2025-16280

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-5168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function...

Out-of-Bounds-Read

libassimp.so is vulnerable to an out-of-bounds read. The vulnerability is due to insufficient bounds checking in the MDLImporter::ParseSkinLump3DGSMDL7 function when parsing 3DGS MDL7 skin lumps, allowing a local attacker to read unintended memory...

DEBIAN-CVE-2025-5204

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::ParseSkinLump3DGSMDL7 of the file assimp/code/AssetLib/MDL/MDLMaterialLoader.cpp. The manipulation leads to out-of-bounds read. Attacking locally is a...

UBUNTU-CVE-2025-5204

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::ParseSkinLump3DGSMDL7 of the file assimp/code/AssetLib/MDL/MDLMaterialLoader.cpp. The manipulation leads to out-of-bounds read. Attacking locally is a...

CVE-2025-5200 Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 out-of-bounds

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFileQuake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible to launch the attac...

PYSEC-2025-176

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

PT-2025-22930 · Assimp +1 · Assimp +1

Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A problem was found in the function MDLImporter::InternReadFile Quake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp, which leads to out-of-bounds read. The attack can be launch...

PYSEC-2025-160

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFileQuake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...

PT-2025-12419 · Assimp +1 · Assimp +1

Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A vulnerability was found in the Open Asset Import Library Assimp. This issue affects the function MDLImporter::InternReadFile Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The...

OSV-2020-1647 UNKNOWN READ in aiTexture::~aiTexture

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25108 Crash type: UNKNOWN READ Crash state: aiTexture::aiTexture Assimp::MDLImporter::SkipSkinLump3DGSMDL7 Assimp::HMPImporter::ReadFirstSkin...