Updated assimp packages fix security vulnerabilities

CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

OESA-2026-2056 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

OESA-2026-2054 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A heap-buffer-overflow vulnerability...

OESA-2026-1659 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

OESA-2026-1658 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

CVE-2022-31530

The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

Barco ClickShare Devices Cross-site Scripting (CVE-2016-3150)

Cross-site scripting XSS vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML v...

Barco ClickShare Devices Arbitrary Code Execution (CVE-2016-3149)

Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Barco ClickShare Devices OS Command Injection (CVE-2017-9377)

A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device. This plugin only works...

EUVD-2000-0042

Malware in sbrugna...

EUVD-1999-1130

Malware in sbrugna...

EUVD-2022-52986

Malicious code in bioql PyPI...

OESA-2025-2179 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability has been found in Op...

OESA-2025-2178 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability has been found in Op...

Linux Distros Unpatched Vulnerability : CVE-2025-2750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function...

MAL-2025-6333 Malicious code in solhint-plugin-lido-csm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4e1653573c57f50f3e9d72fc8293e9051133742e8ea749ca7dda26c7eb89375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in solhint-plugin-lido-csm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4e1653573c57f50f3e9d72fc8293e9051133742e8ea749ca7dda26c7eb89375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Amazon Linux 2 : qt5-qt3d (ALAS-2025-2903)

The version of qt5-qt3d installed on the remote host is prior to 5.15.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2903 advisory. A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the...

Medium: qt5-qt3d

Issue Overview: A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

CVE-2025-2751

A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation of the argument na...