Lucene search
K

11668 matches found

Vulnrichment
Vulnrichment
added 2026/05/01 12:0 a.m.8 views

CVE-2026-42479

An out-of-bounds read vulnerability in VrmlDataIndexedLineSet::TShape in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices...

5.8AI score0.00099EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.8 views

PT-2026-36476

A heap-based out-of-bounds read vulnerability in RWObj Reader::read in the OBJ file parser in Open CASCADE Technology OCCT V8 0 0 rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs...

7.1CVSS5.9AI score0.00104EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.10 views

PT-2026-36477

An issue was discovered in VrmlData IndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V8 0 0 rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated...

7.5CVSS5.8AI score0.00219EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.28 views

CVE-2026-42479

An out-of-bounds read vulnerability in VrmlDataIndexedLineSet::TShape in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices...

0.00099EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 12:0 a.m.12 views

EUVD-2026-26599

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

7.1CVSS5.8AI score0.00106EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 12:0 a.m.5 views

EUVD-2026-26600

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

7.1CVSS5.9AI score0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 12:0 a.m.6 views

EUVD-2026-26601

An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

7.5CVSS5.8AI score0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 12:0 a.m.9 views

EUVD-2026-26602

An out-of-bounds read vulnerability in VrmlDataIndexedLineSet::TShape in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References1
CVE
CVE
added 2026/05/01 12:0 a.m.18 views

CVE-2026-42480

CVE-2026-42480 is a stack-based out-of-bounds read in Open CASCADE Technology (OCCT) VRML parser: VrmlData_Scene::ReadLine. The quoted-string escape handler uses ptr[++anOffset] without proper bounds checking, enabling denial-of-service via a crafted VRML file. Affected component is OCCT v8_0_0_r...

5.5CVSS5.9AI score0.00098EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/05/01 12:0 a.m.11 views

CVE-2026-42479

CVE-2026-42479 affects Open CASCADE Technology (OCCT) version V8_0_0_rc5. The VrmlData_IndexedLineSet::TShape in the VRML parser uses coordIndex values from input as direct array indices without validating against the coordinate array size during geometry processing, leading to an out-of-bounds r...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/05/01 12:0 a.m.9 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities affect Open CASCADE Technology (OCCT) V8_0_0_rc5 in the STL ASCII file parser (RWStl_Reader::ReadAscii). In CTL: buffers returned by Standard_ReadLineBuffer::ReadLine() are not properly length-validated before strncasecmp or direct byte access, en...

7.1CVSS5.8AI score0.00106EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/05/01 12:0 a.m.14 views

CVE-2026-42478

CVE-2026-42478 affects OCCT (Open CASCADE Technology) at V8_0_0_rc5, specifically VrmlData_IndexedFaceSet::TShape. A crafted VRML file can trigger a dereference of a corrupt or unvalidated pointer during shape construction in libTKDEVRML.so, allowing a denial-of-service. Documented impact: high s...

7.5CVSS5.8AI score0.00219EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.7 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

7.1CVSS5.8AI score0.00106EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.4 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

7.1CVSS5.9AI score0.00104EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.28 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

0.00106EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.5 views

CVE-2026-42478

An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

7.5CVSS5.8AI score0.00219EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.5 views

CVE-2026-42480

A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses ptr++anOffset without proper...

5.5CVSS5.9AI score0.00098EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.8 views

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

5.5CVSS5.8AI score0.00098EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/29 2:26 p.m.11 views

Important: Red Hat Security Advisory: Red Hat Update Infrastructure 5.2 Technology Preview security update

A new set of Red Hat Update Infrastructure container images is now available as a Technology Preview in the Red Hat container registry. Technology Preview features are not fully supported, may not be functionally complete, and are not suitable for deployment in production...

9.8CVSS6.8AI score0.01162EPSS
Exploits0References13
Snyk
Snyk
added 2026/04/28 10:0 p.m.6 views

Malicious Package

Overview @solana-launchpad/sdk is a malicious package. This package contains malicious code, and its content was not yet removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder