Lucene search
+L

95 matches found

Vulnrichment
Vulnrichment
added 2026/03/23 3:50 p.m.2 views

CVE-2026-32845 jkuhlmann / cgltf <= 1.15 Sparse Accessor Validation Integer Overflow

cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltfvalidate function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecke...

8.4CVSS6AI score0.00135EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/23 3:50 p.m.2 views

CVE-2026-32845

cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltfvalidate function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecke...

8.4CVSS6AI score0.00135EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/23 3:50 p.m.29 views

CVE-2026-32845 jkuhlmann / cgltf <= 1.15 Sparse Accessor Validation Integer Overflow

cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltfvalidate function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecke...

8.4CVSS0.00135EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.7 views

cgltf 安全漏洞

CGLTF is a library developed by Johannes Kuhlmann from Germany, used for loading and processing GLTF 3D model formats. Versions of CGLTF prior to 1.15 contained security vulnerabilities. These vulnerabilities stemmed from integer overflows in the cgltfvalidate function during the validation of...

8.4CVSS5.8AI score0.00135EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/01 6:6 p.m.15 views

CVE-2025-57107

Kitware VTK Visualization Toolkit contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

7.1CVSS7AI score0.00164EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/11/01 6:6 p.m.16 views

CVE-2025-57106

A flaw was found in Kitware VTK Visualization Toolkit. This vulnerability allows a buffer overflow via processing GLTF Graphics Language Transmission Format accessor data in the vtkGLTFDocumentLoader's BufferDataExtractionWorker template function...

7.5CVSS6.6AI score0.00392EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/31 3:30 p.m.5 views

EUVD-2025-37362

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

7.5CVSS6.5AI score0.00392EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/31 3:30 p.m.5 views

EUVD-2025-37361

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

7.1CVSS6.8AI score0.00164EPSS
Exploits1References2
NVD
NVD
added 2025/10/31 3:15 p.m.6 views

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

7.1CVSS0.00164EPSS
Exploits1References1
NVD
NVD
added 2025/10/31 3:15 p.m.7 views

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

7.5CVSS0.00392EPSS
Exploits1References2
PyPA
PyPA
added 2025/10/31 3:15 p.m.11 views

PYSEC-2025-225

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

7.1CVSS6AI score0.00164EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/10/31 3:15 p.m.8 views

PYSEC-2025-225

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

7.1CVSS6AI score0.00164EPSS
Exploits1References1
OSV
OSV
added 2025/10/31 3:15 p.m.9 views

PYSEC-2025-224

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

7.5CVSS5.7AI score0.00392EPSS
Exploits1References2
OSV
OSV
added 2025/10/31 3:15 p.m.4 views

UBUNTU-CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

7.1CVSS6AI score0.00164EPSS
Exploits1References3
OSV
OSV
added 2025/10/31 3:15 p.m.5 views

UBUNTU-CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

7.5CVSS5.7AI score0.00392EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.6 views

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK 9.5.0 and earlier versions, which stems from a heap buffer overflow that can be caused by the copy constructor of the Accessor object not properly validating buffer boundaries wh...

7.1CVSS6.9AI score0.00164EPSS
Exploits1References1
CVE
CVE
added 2025/10/31 12:0 a.m.40 views

CVE-2025-57106

CVE-2025-57106 affects Kitware VTK up to 9.5.0, where a buffer overflow can occur in vtkGLTFDocumentLoader during GLTF accessor data processing in the BufferDataExtractionWorker template function. Red Hat and ENISA EUVD entries corroborate the same root cause and impact (buffer overflow). The CVE...

7.5CVSS6.6AI score0.00392EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/10/31 12:0 a.m.12 views

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

0.00164EPSS
Exploits1References1
CVE
CVE
added 2025/10/31 12:0 a.m.18 views

CVE-2025-57107

Kitware VTK (Visualization Toolkit) versions up to and including 9.5.0 contain a heap buffer overflow in vtkGLTFDocumentLoader. The root cause is the copy constructor of Accessor objects not properly validating buffer boundaries when processing specially crafted GLTF files, leading to out-of-boun...

7.1CVSS6.9AI score0.00164EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/31 12:0 a.m.1 views

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

6.9AI score0.00164EPSS
Exploits1References1
Rows per page
Query Builder