Lucene search

47 matches found

OSV
added 2025/10/31 3:15 p.m. | 8 views

PYSEC-2025-226

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files...

CVSS 9.8 | AI score 5.7 | EPSS 0.0036
Exploits: 1 | References: 1

PyPA
added 2025/10/31 3:15 p.m. | 9 views

PYSEC-2025-224

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

CVSS 7.5 | AI score 5.7 | EPSS 0.00392
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2025/10/31 3:15 p.m. | 4 views

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

CVSS 7.5 | AI score 6.7
Exploits: 0 | References: 2

OSV
added 2025/10/31 3:15 p.m. | 4 views

CVE-2025-57108

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files...

CVSS 9.8 | AI score 7
Exploits: 0 | References: 1

Positive Technologies
added 2025/10/31 12:0 a.m. | 10 views

PT-2025-44637

Name of the Vulnerable Software and Affected Versions: Kitware VTK Visualization Toolkit versions through 9.5.0. Description: The software contains a heap use-after-free issue in vtkGLTFDocumentLoader. This occurs during mesh object copy operations, where vector members are accessed after the memory...

CVSS 9.8 | AI score 6.5 | EPSS 0.0036
Exploits: 1 | References: 5

Cvelist
added 2025/10/31 12:0 a.m. | 8 views

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

EPSS 0.00392
Exploits: 1 | References: 2

CVE
added 2025/10/31 12:0 a.m. | 27 views

CVE-2025-57108

Kitware VTK (Visualization Toolkit) up to version 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The flaw occurs during mesh object copy operations when GLTF files contain corrupted or invalid mesh reference structures, causing vector members to be accessed after the...

CVSS 9.8 | AI score 6.7 | EPSS 0.0036
Exploits: 1 | References: 1 | Affected Software: 1

Positive Technologies
added 2025/10/31 12:0 a.m. | 8 views

PT-2025-44635

Name of the Vulnerable Software and Affected Versions: Kitware VTK Visualization Toolkit versions prior to 9.5.1. Description: Kitware VTK Visualization Toolkit versions up to 9.5.0 have a buffer overflow issue in the vtkGLTFDocumentLoader component. This occurs within the BufferDataExtractionWorker...

CVSS 7.5 | AI score 6.9 | EPSS 0.00392
Exploits: 1 | References: 7

Vulnrichment
added 2025/10/31 12:0 a.m. | 1 views

CVE-2025-57107

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

AI score 6.9 | EPSS 0.00164
Exploits: 1 | References: 1

Vulnrichment
added 2025/10/31 12:0 a.m. | 2 views

CVE-2025-57108

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files...

AI score 6.7 | EPSS 0.0036
Exploits: 1 | References: 1

Tenable Nessus
added 2025/10/31 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-57107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF...

CVSS 7.1 | AI score 5.8 | EPSS 0.00164
Exploits: 1 | References: 3

NVD
added 2025/09/26 1:15 p.m. | 4 views

CVE-2025-11013

A vulnerability was identified in BehaviorTree up to 4.7.0. This vulnerability affects the function XMLParser::PImpl::loadDocImpl of the file /src/xmlparsing.cpp of the component XML Parser. The manipulation leads to null pointer dereference. The attack can only be performed from a local...

CVSS 5.5 | EPSS 0.00187
Exploits: 1 | References: 6

Citrix
added 2023/11/14 12:0 a.m. | 8 views

Default printer becomes "Webex Document Loader"

Even with the Citrix policy "Do not adjust the user’s default printer" set, the default printer becomes "Webex Document Loader" after logging in...

AI score 7
Exploits: 0

SUSE CVE
added 2023/02/15 5:30 a.m. | 5 views

SUSE CVE-2014-1747

Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."...

CVSS 4.3 | AI score 7.7 | EPSS 0.01832
Exploits: 0 | References: 2

SUSE CVE
added 2023/02/15 5:7 a.m. | 4 views

SUSE CVE-2016-1711

WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 8.8 | EPSS 0.015
Exploits: 1 | References: 7

seebug.org
added 2017/04/21 12:0 a.m. | 78 views

Chrome Universal XSS via reentrancy in FrameLoader::startLoad (CVE-2016-1697)

VULNERABILITY DETAILS: From /third_party/WebKit/Source/core/loader/FrameLoader.cpp: void FrameLoader::startLoad... ASSERT(client()->hasWebView()); if (m_frame->document()->pageDismissalEventBeingDispatched() != Document::NoDismissal) return; ... m_frame->document()->cancelParsing();...

CVSS 6.8 | AI score 8.5 | EPSS 0.01849
Exploits: 1

CNVD
added 2016/07/27 12:0 a.m. | 1 views

Google Chrome Blink Same-Origin Policy Bypass Vulnerability (CNVD-2016-05588)

Blink is a browser layout (rendering) engine jointly developed by Google Inc. (United States) and Opera Software (Norway). A same-origin policy bypass vulnerability exists in the WebKit/Source/core/loader/FrameLoader.cpp file in Blink used in versions prior to Google...

CVSS 8.8 | AI score 8.9 | EPSS 0.015
Exploits: 1 | References: 1

RedHat Linux
added 2016/07/26 5:18 a.m. | 5 views

chromium-browser: same-origin bypass in blink

WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 7.4 | EPSS 0.015
Exploits: 1 | References: 5

OSV
added 2016/07/23 12:0 a.m. | 3 views

UBUNTU-CVE-2016-1711

WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 7.3 | EPSS 0.015
Exploits: 1 | References: 4

BDU FSTEC
added 2016/06/17 12:0 a.m. | 6 views

A vulnerability in the Google Chrome browser allows an attacker to circumvent existing access restriction policies.

The vulnerability in the FrameLoader::startLoad function (WebKit/Source/core/loader/FrameLoader.cpp) in the Blink component of the Google Chrome browser is related to the lack of control over frame navigation during interrupt operations of the DocumentLoader. Exploiting this vulnerability could allow a...

CVSS 6.8 | AI score 7.6 | EPSS 0.01849
Exploits: 1 | References: 4 | Affected Software: 1