Lucene search
K

4 matches found

OSV
OSV
added 2026/02/18 12:0 a.m.5 views

CVE-2025-65519

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

6.5CVSS5.6AI score0.00288EPSS
Exploits1References3
CVE
CVE
added 2025/08/01 6:0 p.m.28 views

CVE-2025-53012

MaterialX 1.39.2 contains a stack-exhaustion vulnerability in its import processing due to no limit on import chain depth. Nested file imports trigger recursion without depth restrictions, allowing an attacker to crash or stall a process parsing MaterialX files. The issue is fixed in MaterialX 1....

7.5CVSS6.8AI score0.00818EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/08/01 6:0 p.m.13 views

CVE-2025-53012 MaterialX's Lack of Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. When parsin...

6.9CVSS0.00818EPSS
Exploits1References4
OSV
OSV
added 2025/07/31 7:37 p.m.7 views

GHSA-QC2H-74X3-4V3W MaterialX Lack of MTLX Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion

Summary Nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. Details The MaterialX specification supports importing other files by using XInclude tags. When parsing file imports, recursion is used to process...

6.9CVSS7.2AI score0.00818EPSS
Exploits1References6
Rows per page
Query Builder