Lucene search
K

31 matches found

Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.13 views

PT-2026-36803

Name of the Vulnerable Software and Affected Versions Assimp versions prior to 6.0.3 Description A buffer overflow exists in the FBX Importer. The issue occurs within the aiMaterial::AddBinaryProperty function, where a property key string from a specially crafted FBX file is copied into a...

9.8CVSS6AI score0.0034EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

Assimp 安全漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the FBX importer’s aiMaterial::AddBinaryProperty function, which copie...

9.8CVSS6AI score0.0034EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 12:0 a.m.31 views

EUVD-2025-209616

Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy without runtime length validation...

5.8AI score0.0034EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.4 views

CVE-2021-27031

A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system...

9.3CVSS7.4AI score0.01378EPSS
Exploits0References1
OSV
OSV
added 2025/12/04 12:10 a.m.8 views

OSV-2025-965 Stack-use-after-scope in Assimp::FBX::FBXExportProperty::FBXExportProperty

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=465494996 Crash type: Stack-use-after-scope READ 1 Crash state: Assimp::FBX::FBXExportProperty::FBXExportProperty Assimp::FBX::FBXExportProperty std::1::vectorAssimp::FBX::FBXExportProperty, Assimp::FBXExporter::WriteObjects...

5.4AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-7924

Malware in sbrugna...

6.8CVSS6.4AI score0.03313EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.5 views

CVE-2020-6358

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

4.3CVSS6.6AI score0.01623EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:48 a.m.10 views

CVE-2015-8029

SAP 3D Visual Enterprise Viewer VEV allows remote attackers to execute arbitrary code via a crafted Filmbox document, which triggers memory corruption...

6.8CVSS8AI score0.03313EPSS
Exploits0References1
OSV
OSV
added 2024/01/09 6:15 p.m.2 views

CVE-2024-20677

A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have acces...

7.8CVSS7.6AI score0.0326EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.7 views

The vulnerability of the Microsoft Office software package, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Office package is related to insufficient validation of input data during the processing of FBX files. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.8CVSS7.6AI score0.00979EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/10/11 12:0 a.m.5 views

The vulnerability relates to the set of tools and libraries used for creating, importing, and exporting 3D models with the Autodesk FBX SDK. It stems from writing beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the tools and libraries used for creating, importing, and exporting 3D models in the Autodesk FBX SDK is related to writing data beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS7.8AI score0.00643EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/09/22 12:0 a.m.8 views

The vulnerability relates to the set of tools and libraries used for creating, importing, and exporting 3D models with the Autodesk FBX SDK. It stems from the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the tools and libraries used for creating, importing, and exporting 3D models in the Autodesk FBX SDK is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created FBX file...

7.8CVSS7.8AI score0.00351EPSS
Exploits0References4Affected Software2
Positive Technologies
Positive Technologies
added 2023/05/19 12:0 a.m.2 views

PT-2023-35831 · Assimp · Assimp

Name of the Vulnerable Software and Affected Versions: Assimp affected versions not specified Description: The issue is related to an Invalid-free crash type. It involves the Assimp::FBX::Scope::Scope and Assimp::FBX::Element::Element functions. No information is provided about the estimated numb...

6.9AI score
Exploits0References2
CNNVD
CNNVD
added 2023/04/17 12:0 a.m.4 views

Autodesk FBX-SDK 缓冲区错误漏洞

Autodesk FBX-SDK is a C++ software development platform and API toolkit from Autodesk, Inc. that is primarily used to convert existing content to FBX format. A security vulnerability exists in Autodesk FBX-SDK version 2020 and prior versions, which can be exploited by an attacker to trick a user...

7.8CVSS8AI score0.00643EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/31 12:0 a.m.6 views

PT-2023-14278 · Bentley · Bentley View

Name of the Vulnerable Software and Affected Versions: Bentley View affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Bentley View. It requires user interaction, where the target must visit a malicious pa...

5.5CVSS4.1AI score0.00296EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.8 views

Autodesk Moldflow 缓冲区错误漏洞

Autodesk Moldflow is a software simulation from the American company Autodesk. It can show how the resin fills the mold during the injection molding process. A security vulnerability exists in Autodesk Moldflow version 2021, 2019 that originates from a maliciously crafted used through the Moldflo...

7.8CVSS7.6AI score0.00387EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/15 11:15 p.m.3 views

CVE-2022-35905

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...

3.3CVSS5.8AI score0.00199EPSS
Exploits0References2
OSV
OSV
added 2022/07/15 11:15 p.m.0 views

CVE-2022-35905

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...

3.3CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.11 views

CVE-2021-46630

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

5.5CVSS4.1AI score0.0151EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2020/09/18 12:0 a.m.3 views

SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-53171)

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. An input validation error vulnerability exists in SAP 3D Visual Enterprise Viewer 9, which can be exploited by an attacker to cause an application crash via a specially crafted FBX file...

4.3CVSS6.8AI score0.01623EPSS
Exploits0References1
Rows per page
Query Builder