CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

341 matches found

CNNVD•added 2021/04/26 12:0 a.m.•1 views

safe-obj 安全漏洞

A security vulnerability exists in safe-obj versions 1.0.0 through 1.0.2 that can be exploited by an attacker to cause a denial of service and possibly remote code execution...

9.8CVSS8.7AI score0.02947EPSS

Exploits1References3

Talos•added 2021/04/21 12:0 a.m.•340 views

Prusa Research PrusaSlicer Obj.cpp load_obj() out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the Obj.cpp loadobj functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Version...

8.8CVSS7.6AI score0.00387EPSS

Exploits1

Talos•added 2021/04/21 12:0 a.m.•80 views

Prusa Research PrusaSlicer Objparser::objparse() stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the Objparser::objparse functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS8AI score0.00608EPSS

Exploits1

NVD•added 2021/04/13 7:15 p.m.•10 views

CVE-2020-28590

An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted obj file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

8.6CVSS0.00285EPSS

Exploits1References1

OSV•added 2021/04/13 7:15 p.m.•7 views

CVE-2020-28590

6.5CVSS6.1AI score

Exploits0References1

UbuntuCve•added 2021/04/13 7:15 p.m.•19 views

CVE-2020-28590

8.6CVSS6.9AI score0.00285EPSS

Exploits1References2

OSV•added 2021/04/13 7:15 p.m.•2 views

UBUNTU-CVE-2020-28590

8.6CVSS6.9AI score0.00285EPSS

Exploits1References3

Prion•added 2021/04/13 7:15 p.m.•18 views

Cross site scripting

4.3CVSS6AI score0.00285EPSS

Exploits1References1Affected Software1

CVE•added 2021/04/13 6:6 p.m.•46 views

CVE-2020-28590

The CVE-2020-28590 entry concerns an out-of-bounds read in the Obj File TriangleMesh::TriangleMesh() function of libslic3r (Slic3r) version 1.3.0 and Master Commit 92abbc42. A specially crafted OBJ file could trigger information disclosure. The vulnerability originates from the TriangleMesh() imp...

8.6CVSS6AI score0.00285EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/04/13 6:6 p.m.•13 views

CVE-2020-28590

8.6CVSS6.1AI score0.00285EPSS

Exploits1References1

Debian CVE•added 2021/04/13 6:6 p.m.•17 views

CVE-2020-28590

8.6CVSS7AI score0.00285EPSS

Exploits1

Talos•added 2021/02/24 12:0 a.m.•23 views

Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted obj file could lead to information disclosure. An attacker can provide a malicious file to trigger this...

8.6CVSS6.5AI score0.00285EPSS

Exploits1

NVD•added 2021/02/10 10:15 p.m.•7 views

CVE-2020-28596

A stack-based buffer overflow vulnerability exists in the Objparser::objparse functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS0.00608EPSS

Exploits1References1

OSV•added 2021/02/10 10:15 p.m.•1 views

UBUNTU-CVE-2020-28595

An out-of-bounds write vulnerability exists in the Obj.cpp loadobj functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS5.9AI score0.00387EPSS

Exploits1References3

UbuntuCve•added 2021/02/10 10:15 p.m.•12 views

CVE-2020-28596

8.8CVSS7.5AI score0.00608EPSS

Exploits1References2

Debian CVE•added 2021/02/10 9:51 p.m.•8 views

CVE-2020-28595

8.8CVSS8.3AI score0.00387EPSS

Exploits1

CVE•added 2021/02/10 9:51 p.m.•63 views

CVE-2020-28596

PrusaSlicer 2.2.0 and Master (commit 4b040b856) are affected by a stack-based buffer overflow in ObjParser::objparse(). A fixed-size stack buffer (buf) is fed by fread in a loop, with insufficient bounds checking, enabling potential code execution via a crafted .obj file. The vulnerability is evi...

8.8CVSS7.8AI score0.00608EPSS

Exploits1References1Affected Software1

Debian CVE•added 2021/02/10 9:51 p.m.•11 views

CVE-2020-28596

8.8CVSS8.5AI score0.00608EPSS

Exploits1

Huntr•added 2021/01/30 12:0 a.m.•31 views

Prototype Pollution in tandrewnichols/safe-obj

Description safe-obj is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js var safeObj = require"safe-obj" var obj = ; console.log"Before: " + .polluted safeObj.expandobj, "proto.polluted", true console.log"After: " + .polluted 2. Execute th...

7.5CVSS1.8AI score0.02947EPSS

Exploits1

Positive Technologies•added 2021/01/24 12:0 a.m.•5 views

PT-2021-11565 · Prusa +1 · Prusaslicer +1

Name of the Vulnerable Software and Affected Versions: PrusaSlicer versions 2.2.0 and Master commit 4b040b856 Description: An out-of-bounds write issue exists in the load obj functionality of the Obj.cpp file. This can be triggered by a specially crafted obj file, potentially leading to code...

8.8CVSS8.2AI score0.00387EPSS

Exploits1References14

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by