CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK 9.5.0 and earlier versions, which stems from a heap-release-after-reuse issue in the vtkGLTFDocumentLoader when processing GLTF files, which could lead to memory corruption...

PT-2025-44635

Name of the Vulnerable Software and Affected Versions Kitware VTK Visualization Toolkit versions prior to 9.5.1 Description Kitware VTK Visualization Toolkit versions up to 9.5.0 have a buffer overflow issue in the vtkGLTFDocumentLoader component. This occurs within the BufferDataExtractionWorker...

CVE-2025-57106

CVE-2025-57106 affects Kitware VTK up to 9.5.0, where a buffer overflow can occur in vtkGLTFDocumentLoader during GLTF accessor data processing in the BufferDataExtractionWorker template function. Red Hat and ENISA EUVD entries corroborate the same root cause and impact (buffer overflow). The CVE...

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

PT-2025-44636

Name of the Vulnerable Software and Affected Versions Kitware VTK Visualization Toolkit versions through 9.5.0 Description The software contains a heap buffer overflow issue within the vtkGLTFDocumentLoader. This occurs when processing specifically designed GLTF files, where the copy constructor ...

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

EUVD-2025-37195

Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesses string members of mesh objects that have been previously freed during actor import operations...

UBUNTU-CVE-2025-57109

Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesses string members of mesh objects that have been previously freed during actor import operations...

[SECURITY] Fedora 42 Update: qt6-qtdatavis3d-6.9.3-1.fc42

Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...

[SECURITY] Fedora 42 Update: LabPlot-2.12.1-11.fc42

LabPlot is a FREE, open source and cross-platform Data Visualization and Analysis software accessible to everyone. - High-quality Data Visualization and Plotting with just a few clicks - Reliable and easy Data Analysis and Statistics, no coding required! - Intuitive and fast Computing with...

PT-2025-44445

Name of the Vulnerable Software and Affected Versions Kitware VTK Visualization Toolkit version 9.5.0 Description The software contains a flaw related to Heap Use-After-Free within the vtkGLTFImporter::ImportActors function. This occurs when processing GLTF files containing invalid scene node...

编号撤回

Nagios Fusion is a centralized monitoring and visualization platform from Nagios Corporation in the United States. This CVE number has been withdrawn...

Linux Distros Unpatched Vulnerability : CVE-2025-57109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene nod...

CVE-2025-57109

Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesses string members of mesh objects that have been previously freed during actor import operations...

Siemens Teamcenter Visualization Installed (Windows)

Binary data siemensteamcentervisualizationinstalled.nbin...

CVE-2025-62422

DataEase is an open source data visualization and analytics platform. In versions 2.10.13 and earlier, the /de2api/datasetData/tableField interface is vulnerable to SQL injection. An attacker can construct a malicious tableName parameter to execute arbitrary SQL commands. This issue is fixed in...

DataEase H2 JDBC Injection Code Execution Vulnerability

DataEase is a set of Java-based development of open source data visualization and analysis tools to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . DataEase H2.java handles JDBC connection validation with a code injection...

CVE-2025-62422 DataEase SQL injection vulnerability

DataEase is an open source data visualization and analytics platform. In versions 2.10.13 and earlier, the /de2api/datasetData/tableField interface is vulnerable to SQL injection. An attacker can construct a malicious tableName parameter to execute arbitrary SQL commands. This issue is fixed in...

DataEase 代码问题漏洞

DataEase is a set of Java-based development of open source data visualization and analysis tools to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . DataEase H2.java handles JDBC connection validation with a code injection...