65 matches found
CVE-2026-42476
Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...
CVE-2026-42479
An out-of-bounds read vulnerability in VrmlDataIndexedLineSet::TShape in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices...
CVE-2026-42478
An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...
DEBIAN-CVE-2026-42477
A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...
DEBIAN-CVE-2026-42479
An out-of-bounds read vulnerability in VrmlDataIndexedLineSet::TShape in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices...
DEBIAN-CVE-2026-42478
An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...
DEBIAN-CVE-2026-42476
Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...
PT-2026-36478
An out-of-bounds read vulnerability in VrmlData IndexedLineSet::TShape in the VRML parser in Open CASCADE Technology OCCT V8 0 0 rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices...
CVE-2026-42478
CVE-2026-42478 affects OCCT (Open CASCADE Technology) at V8_0_0_rc5, specifically VrmlData_IndexedFaceSet::TShape. A crafted VRML file can trigger a dereference of a corrupt or unvalidated pointer during shape construction in libTKDEVRML.so, allowing a denial-of-service. Documented impact: high s...
Open Cascade OCCT 缓冲区错误漏洞
Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A buffer error vulnerability exists in Open Cascade OCCT version V800rc5, which stems from multiple issues with the IGES and STEP file parsers, including an out-of-bounds read of...
CVE-2026-42477
A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...
PT-2026-36477
An issue was discovered in VrmlData IndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V8 0 0 rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated...
CVE-2026-42477
The CVE describes a heap-based out-of-bounds read in Open CASCADE Technology (OCCT) v8_0_0_rc5 within the OBJ file parser. The vulnerability affects RWObj_Reader::read, caused by Standard_ReadLineBuffer::ReadLine() returning a 1-byte buffer for minimal OBJ lines and RWObj_Reader::read() calling p...
EUVD-2026-26677
A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses ptr++anOffset without proper...
EUVD-2026-26600
A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...
Open Cascade OCCT 代码问题漏洞
Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A code issue vulnerability exists in Open Cascade OCCT version V800rc5, which stems from a flaw in the VrmlDataIndexedFaceSet::TShape function in the VRML V2.0 parser, as malformed VRML inputs...
EUVD-2026-26601
An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...
Open Cascade OCCT 缓冲区错误漏洞
Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A buffer error vulnerability exists in Open Cascade OCCT version V800rc5, which stems from a stack-based out-of-bounds read issue in the VrmlDataScene::ReadLine function in the VRML parser, as...
CVE-2026-42479
CVE-2026-42479 affects Open CASCADE Technology (OCCT) version V8_0_0_rc5. The VrmlData_IndexedLineSet::TShape in the VRML parser uses coordIndex values from input as direct array indices without validating against the coordinate array size during geometry processing, leading to an out-of-bounds r...
CVE-2026-42479
An out-of-bounds read vulnerability in VrmlDataIndexedLineSet::TShape in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices...