11 matches found
CVE-2026-42480
A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses ptr++anOffset without proper...
[SECURITY] Fedora 42 Update: plantuml-1.2026.1-1.fc42
PlantUML is a program for drawing UML diagrams from a simple, human-readable text description. It is extremely useful for documenting code, sketching project architecture during team conversations and so on. PlantUML supports the following diagram types - sequence diagram - use case...
Bridging Threat Models and Detections: Formal Verification Via CADP
Threat detection systems rely on rule-based logic to identify adversarial behaviors, yet the conformance of these rules to high-level threat models is rarely verified formally. We present a formal verification framework that models both detection logic and attack trees as labeled transition syste...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the issue where operations exceed the buffer boundaries in memory when processing WRL files. Exploiting this vulnerability could allow an...
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory when processing WRL files. Exploiting this vulnerability can allow an attacker to execu...
The vulnerability of the yyparse() function in the syntax analyzer and tools for the YANG modeling language Libyang allows a perpetrator to execute arbitrary code or cause service failures.
The vulnerability of the yyparse function in Libyang, the syntax analyzer and toolkit for the YANG modeling language, is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures remotely...
CVE-2022-47636
A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739. When a user opens a .oml file (OutSystems Modeling Language), the application will load the following DLLs from the same directory: avlibGLESv2.dll, libcef.DLL, user32.dll, and d3d10warp.dll. Using...
PT-2023-5134 · Microsoft · 3D Builder
Name of the Vulnerable Software and Affected Versions: 3D Builder (affected versions not specified). Description: The issue is related to a buffer overflow in memory when handling WRL files, which can allow an attacker to execute arbitrary code by loading a specially crafted file or link...
GHSA-M3Q4-7QMJ-657M OpenFGA Authorization Bypass
Overview: During our internal security assessment, it was discovered that OpenFGA version v0.3.0 is vulnerable to authorization bypass under certain conditions. Am I Affected? You are affected by this vulnerability if all of the following apply: 1. You are using OpenFGA v0.3.0 2. You created a...
OpenFGA Authorization Bypass
Overview: During our internal security assessment, it was discovered that OpenFGA version v0.3.0 is vulnerable to authorization bypass under certain conditions. Am I Affected? You are affected by this vulnerability if all of the following apply: 1. You are using OpenFGA v0.3.0 2. You created a...
The vulnerability of the Microsoft Visio graphical editor, allowing a hacker to execute arbitrary code
The vulnerability of Microsoft Visio’s graphical editor is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted UML data within an Office document...