Lucene search
K

119 matches found

NVD
NVD
added 2020/12/02 6:15 p.m.21 views

CVE-2020-13496

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in TfToken Type Index. This vulnerability could be used to bypass mitigations and aid further...

6.5CVSS5.1AI score0.0168EPSS
Exploits1References1
NVD
NVD
added 2020/12/02 6:15 p.m.34 views

CVE-2020-13494

A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability...

5.5CVSS4.7AI score0.01164EPSS
Exploits1References1
Prion
Prion
added 2020/12/02 6:15 p.m.22 views

Heap overflow

A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability...

4.3CVSS5.3AI score0.01164EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/12/02 6:15 p.m.15 views

Design/Logic Flaw

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in TfToken Type Index. This vulnerability could be used to bypass mitigations and aid further...

4.3CVSS6.4AI score0.0168EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/12/02 6:15 p.m.18 views

Design/Logic Flaw

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in String Type Index. This vulnerability could be used to bypass mitigations and aid further exploitatio...

4.3CVSS5.8AI score0.01186EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/12/02 6:15 p.m.15 views

Information disclosure

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and a...

4.3CVSS5.6AI score0.00856EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/12/02 6:15 p.m.26 views

Heap overflow

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an...

6.8CVSS7.6AI score0.0133EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/12/02 5:30 p.m.37 views

CVE-2020-13498

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and a...

4.3CVSS5.6AI score0.00856EPSS
Exploits1References1
CVE
CVE
added 2020/12/02 5:30 p.m.105 views

CVE-2020-13498

Pixar OpenUSD 20.05 is vulnerable to an out-of-bounds read related to index handling in the USD binary file format. The Talos report details three CVEs (TfToken, String, and SdfPath index reads) where missing bounds checks on internal token/path indices can allow reading beyond the allocated arra...

5.5CVSS5.6AI score0.00856EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/12/02 5:30 p.m.95 views

CVE-2020-13497

CVE-2020-13497 affects Pixar OpenUSD 20.05. The vulnerability is a String Type Index out-of-bounds read in USD crate parsing, triggered by a specially crafted malformed file. It can lead to memory access violations and potential information disclosure or memory corruption. The Talos report confir...

5.5CVSS5.8AI score0.01186EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/12/02 5:30 p.m.39 views

CVE-2020-13497

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in String Type Index. This vulnerability could be used to bypass mitigations and aid further exploitatio...

4.3CVSS5.8AI score0.01186EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/12/02 5:30 p.m.40 views

CVE-2020-13496

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in TfToken Type Index. This vulnerability could be used to bypass mitigations and aid further...

4.3CVSS6.5AI score0.0168EPSS
Exploits1References1
CVE
CVE
added 2020/12/02 5:30 p.m.102 views

CVE-2020-13496

CVE-2020-13496 affects Pixar OpenUSD 20.05. The TALOS report documents a TfToken Type Index Out Of Bounds Read in the crate parsing path: the code retrieves a token index without proper bounds checks, leading to an out-of-bounds access to the _tokens array and potential information disclosure or ...

6.5CVSS6.4AI score0.0168EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/12/02 5:28 p.m.60 views

CVE-2020-13494

Pixar OpenUSD 20.05 contains a heap overflow in parsing compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap-based buffer overflow, leading to out-of-bounds memory access and potential information disclosure. Exploitation requires the victim to open ...

5.5CVSS5.3AI score0.01164EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/12/02 5:28 p.m.39 views

CVE-2020-13494

A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability...

4.3CVSS5.3AI score0.01164EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/12/02 5:25 p.m.42 views

CVE-2020-13493

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an...

8.8CVSS7.7AI score0.0133EPSS
Exploits1References1
CVE
CVE
added 2020/12/02 5:25 p.m.70 views

CVE-2020-13493

Pixar OpenUSD 20.05 is affected by a set of heap overflow vulnerabilities in the USDC file format when parsing compressed sections. The TALOS report details multiple CVEs (CVE-2020-6147, -6148, -6149, -6150, -6156) where buffers sized from file-provided counts (numFields, numFieldSets, numPaths, ...

8.8CVSS7.6AI score0.0133EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/12/02 12:0 a.m.6 views

PT-2020-13572 · Pixar · Pixar Openusd

Name of the Vulnerable Software and Affected Versions: Pixar OpenUSD version 20.05 Description: A heap overflow issue exists in the parsing of compressed string tokens in binary USD files. This can be triggered by a specially crafted malformed file, leading to out of bounds memory access and...

5.5CVSS4.7AI score0.01164EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2020/12/02 12:0 a.m.7 views

PT-2020-13575 · Pixar · Pixar Openusd

Name of the Vulnerable Software and Affected Versions: Pixar OpenUSD version 20.05 Description: An issue exists in the way Pixar OpenUSD handles certain encoded types, allowing a specially crafted malformed file to trigger an arbitrary out of bounds memory access. This could lead to information...

5.5CVSS4.6AI score0.00856EPSS
Exploits1References4
CNNVD
CNNVD
added 2020/12/02 12:0 a.m.10 views

Pixar OpenUSD Buffer Error Vulnerability

Pixar OpenUSD is a software from the American company Pixar Pixar that generates 3D computer scenes. The software is widely used in the animation and game industries for designing 3D scenes. A security vulnerability exists in Pixar OpenUSD 20.05 that stems from an exploitable flaw in the way it...

5.5CVSS6AI score0.01186EPSS
Exploits1References2
Rows per page
Query Builder