34 matches found
EUVD-2021-20749
Malware in sbrugna...
EUVD-2021-20750
Malware in sbrugna...
EUVD-2024-49132
Malicious code in bioql PyPI...
CVE-2024-51330
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...
CVE-2021-34087
In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. This includes the settings page...
CVE-2021-34086
In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver hosts APIs vulnerable to CSRF. They do not verify incoming requests...
CVE-2024-8374
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader /plugins/ThreeMFReader.py. The vulnerability arises from improper handling of the droptobuildplate property within 3MF files, which are ZIP archives containing the model data. When...
CVE-2024-51330
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...
UltiMaker Cura 安全漏洞
UltiMaker Cura is a free, easy-to-use 3D printing software from UltiMaker, Inc. A security vulnerability exists in UltiMaker Cura v5.8.1 and earlier versions, which originates from a local attacker who can execute arbitrary code via the inter-process communication IPC mechanism...
CVE-2024-51330
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...
PT-2024-34600 · Ultimaker · Ultimaker Cura
Name of the Vulnerable Software and Affected Versions: UltiMaker Cura versions 4.41 and 5.8.1 and earlier Description: The issue allows a local attacker to execute arbitrary code via the Inter-process communication IPC mechanism between the Cura application and CuraEngine processes, localhost...
CVE-2024-51330
CVE-2024-51330 affects UltiMaker Cura up to v4.41 and v5.8.1 and earlier, enabling a local attacker to execute arbitrary code via the Inter-process communication (IPC) between the Cura GUI and CuraEngine, the localhost network stack, and related printing/G-code components on Ultimaker 3D printers...
CVE-2024-51330
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...
CVE-2024-8374
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader /plugins/ThreeMFReader.py. The vulnerability arises from improper handling of the droptobuildplate property within 3MF files, which are ZIP archives containing the model data. When...
CVE-2024-8374
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader /plugins/ThreeMFReader.py. The vulnerability arises from improper handling of the droptobuildplate property within 3MF files, which are ZIP archives containing the model data. When...
CVE-2024-8374
The CVE-2024-8374 issue affects UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2. It stems from improper handling of the drop_to_buildplate property in 3MF files parsed by the 3MFReader, where the property value is passed to Python eval() without sanitization. This allows an attacker to ...
CVE-2024-8374
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader /plugins/ThreeMFReader.py. The vulnerability arises from improper handling of the droptobuildplate property within 3MF files, which are ZIP archives containing the model data. When...
CVE-2024-8374 Arbitrary Code Injection in Cura
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader /plugins/ThreeMFReader.py. The vulnerability arises from improper handling of the droptobuildplate property within 3MF files, which are ZIP archives containing the model data. When...
Ultimaker Cura 安全漏洞
Ultimaker Cura is a state-of-the-art slicer application open-sourced by Ultimaker. It is used to prepare 3D models for 3D printers. A security vulnerability exists in Ultimaker Cura versions 5.7.0-beta.1 through 5.7.2 that stems from improper handling of the droptobuildplate attribute in 3MF file...
PT-2024-38979 · Ultimaker · Ultimaker Cura
Name of the Vulnerable Software and Affected Versions: UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 Description: The issue arises from improper handling of the drop to buildplate property within 3MF files, which are ZIP archives containing the model data. When a 3MF file is loaded in...