CVE-2021-37179

A vulnerability has been identified in Solid Edge SE2021 All Versions SE2021MP7. The PSKERNEL.dll library in affected application lacks proper validation while parsing user-supplied OBJ files that could lead to a use-after-free condition. An attacker could leverage this vulnerability to execute...

Design/Logic Flaw

A vulnerability has been identified in Solid Edge SE2021 All Versions SE2021MP7. The PSKERNEL.dll library in affected application lacks proper validation while parsing user-supplied OBJ files that could lead to a use-after-free condition. An attacker could leverage this vulnerability to execute...

Design/Logic Flaw

A vulnerability has been identified in Solid Edge SE2021 All Versions SE2021MP7. The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this vulnerability to execute co...

CVE-2021-37180

A vulnerability has been identified in Solid Edge SE2021 All Versions SE2021MP7. The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this vulnerability to execute co...

CVE-2021-37180

CVE-2021-37180 affects Siemens Solid Edge SE2021 (all versions

Siemens Solid Edge 资源管理错误漏洞

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. The software can be used in industries such as part design, assembly design, sheet metal design, welding design, etc. A security vulnerability exists in Siemens Solid Edge, which stems from the lack of proper validation of th...

GSD-2021-1000803 amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create

amdgpu: fix GEM obj leak in amdgpudisplayuserframebuffercreate This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commit...

UVI-2021-1000803 amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create

amdgpu: fix GEM obj leak in amdgpudisplayuserframebuffercreate This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commit...

Prototype pollution in safe-obj

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

app.io (>=0.0.1 <=0.0.4), barbakoa (>=0.0.1 <=0.0.17) +21 more potentially affected by CVE-2021-25928 via safe-obj (=1.0.2)

safe-obj NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on safe-obj and may be impacted: - app.io =0.0.1, =0.0.1, =0.4.0, =0.0.5, =0.0.1, =1.0.0, =1.0.0, =0.2.1, =1.0.0, =0.6.5, =0.3.0, =1.0.1, =1.0.0, =1.0.0, =1.2.2 and more Source...

Microsoft 3D Builder OBJ Code Execution Vulnerability

Microsoft 3D Builder is a 3D modeling tool developed by Microsoft. A code execution vulnerability exists in the Microsoft 3D Builder OBJ handling, which can be exploited by an attacker to submit a special file request that can be tricked into being parsed by the user, which can crash the...

(0Day) Microsoft 3D Builder OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

(0Day) Microsoft Print 3D OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Print 3D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

Prototype Pollution

safe-obj is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

Remote code execution

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25928

CVE-2021-25928 concerns a prototype pollution vulnerability in the npm package ‘safe-obj’ affecting versions 1.0.0 through 1.0.2. The issue allows an attacker to cause a denial of service and may lead to remote code execution via prototype pollution. Several connected sources corroborate the impa...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...