Lucene search
K

814 matches found

EUVD
EUVD
added 2026/02/26 10:40 p.m.5 views

EUVD-2026-8915

Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the getmodel method in ModelFilesController line 158-160 loads models using Model.findparamparams:modelid without policyscope, bypassing...

5.3CVSS5.4AI score0.00265EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.5 views

PT-2026-22213

Name of the Vulnerable Software and Affected Versions Manyfold versions prior to 0.133.1 Description Manyfold is a self-hosted web application for managing 3d models. A flaw exists in the get model method within the ModelFilesController lines 158-160 where models are loaded using Model.find...

5.3CVSS5.9AI score0.00265EPSS
Exploits1References6
EUVD
EUVD
added 2026/02/25 11:16 p.m.7 views

EUVD-2026-8776

Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Versions prior to 0.133.0 are vulnerable to session hijack via cookie leakage in proxy caches. Version 0.133.0 fixes the issue...

6.8CVSS5.4AI score0.00262EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.5 views

PT-2026-22040

Name of the Vulnerable Software and Affected Versions Manyfold versions prior to 0.133.0 Description Manyfold is a self-hosted web application used for managing 3D models, with a focus on 3D printing. Prior to version 0.133.0, a logged-in user could achieve Remote Code Execution RCE when model...

8.8CVSS6AI score0.0037EPSS
Exploits1References10
OSV
OSV
added 2026/02/19 4:32 a.m.4 views

CVE-2026-2704 Open Babel CIF File transform3d.cpp DescribeAsString out-of-bounds

A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the...

5.3CVSS5.2AI score0.00759EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2026/02/19 4:32 a.m.3 views

CVE-2026-2704 Open Babel CIF File transform3d.cpp DescribeAsString out-of-bounds

A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the...

5.3CVSS5.4AI score0.00759EPSS
Exploits1References7
Fedora
Fedora
added 2026/02/19 1:14 a.m.7 views

[SECURITY] Fedora 43 Update: fvwm3-1.1.4-4.fc43

Fvwm is a window manager for X11. It is designed to minimize memory consumption, provide a 3D look to window frames, and implement a virtual desktop...

7.5CVSS5.5AI score0.00585EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/02/15 7:10 a.m.16 views

CVE-2026-1985

The Press3D plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 3D Model Gutenberg block in all versions up to, and including, 1.0.2. This is due to the plugin failing to sanitize and validate the URL scheme when storing link URLs for 3D model blocks, allowing javascript:...

6.4CVSS5.8AI score0.00279EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/14 12:0 a.m.11 views

PT-2026-8085

The Press3D plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 3D Model Gutenberg block in all versions up to, and including, 1.0.2. This is due to the plugin failing to sanitize and validate the URL scheme when storing link URLs for 3D model blocks, allowing javascript:...

6.4CVSS5.8AI score0.00279EPSS
Exploits0References6
Schneier on Security
Schneier on Security
added 2026/02/12 12:1 p.m.7 views

3D Printer Surveillance

New York is contemplating a bill that adds surveillance to 3D printers: New York’s 2026­2027 executive budget bill S.9005 / A.10005 includes language that should alarm every maker, educator, and small manufacturer in the state. Buried in Part C is a provision requiring all 3D printers sold or...

5.6AI score
Exploits0
OSV
OSV
added 2026/02/06 10:52 p.m.9 views

CVE-2026-25803 3DP-MANAGER Uses Hard-coded Credentials

3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials admin/admin upon the first initialization. Attackers with network access to the application's login interface can gain full...

9.8CVSS5.5AI score0.00364EPSS
Exploits0References4
CVE
CVE
added 2026/02/04 10:13 p.m.15 views

CVE-2026-25585

iccDEV before version 2.3.1.3 contains a vulnerability in the color management module due to improper array bounds validation at IccCmm.cpp:5793 during ICC profile processing, leading to out-of-bounds reads with potential memory disclosure or segmentation faults. The issue has been patched in ver...

7.8CVSS5.4AI score0.00225EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/04 10:13 p.m.33 views

CVE-2026-25585 iccDEV vulnerable to OOB in CIccXform3DLut::Apply()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC profile processing. The malformed ICC profile...

7.8CVSS0.00225EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/04 10:13 p.m.5 views

CVE-2026-25585 iccDEV vulnerable to OOB in CIccXform3DLut::Apply()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC profile processing. The malformed ICC profile...

7.8CVSS5.4AI score0.00225EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/04 4:27 p.m.28 views

CVE-2026-0660 Stack Based Buffer Overflow in GIF File Parsing

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

8.4CVSS0.00188EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/02/02 12:0 a.m.6 views

QuietPrint: Protecting 3D Printers against Acoustic Side-Channel Attacks

The 3D printing market has experienced significant growth in recent years, with an estimated revenue of 15 billion USD for 2025. Cyber-attacks targeting the 3D printing process whether through the machine itself, the supply chain, or the fabricated components are becoming increasingly common. One...

5.5AI score
Exploits0
NVD
NVD
added 2026/01/25 3:15 p.m.12 views

CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

5.5CVSS0.00135EPSS
Exploits0References2
OSV
OSV
added 2026/01/25 3:15 p.m.7 views

UBUNTU-CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2026/01/25 2:36 p.m.7 views

CVE-2026-23008 drm/vmwgfx: Fix KMS with 3D on HW version 10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/01/25 2:36 p.m.6 views

CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

5.5CVSS5.5AI score0.00135EPSS
Exploits0
Rows per page
Query Builder