Lucene search
K

60 matches found

OSV
OSV
added 2025/07/14 7:49 p.m.4 views

MAL-2025-5847 Malicious code in vtk-osmesa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 910e787804512eabe1c118f5347fed9f57ca936717e18a80d26622108d75399e During the installation, sensitive information are exfiltrated incl. env variables --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

7.3AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.9 views

The vulnerability of the xmlDocGetRootElement() function in the IO/Infovis/vtkXMLTreeReader.cxx component of the VTK image processing library allows a attacker to cause a service failure.

The vulnerability of the xmlDocGetRootElement function in the IO/Infovis/vtkXMLTreeReader.cxx component of the VTK image processing library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.8CVSS7.2AI score0.01066EPSS
Exploits1References7Affected Software3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-42521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value ...

7.5CVSS7.1AI score0.01066EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.30 views

Ubuntu 16.04 ESM : VTK vulnerabilities (USN-4852-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4852-1 advisory. It was discovered that VTK incorrectly handled certain XML files in the embedded Expat library. An attacker could possibly use this issue to cause a deni...

7.8CVSS7.3AI score0.07107EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2023/05/12 12:0 a.m.14 views

Fedora: Security Advisory for vtk (FEDORA-2023-2cf9dd7d52)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01066EPSS
Exploits1References2
Fedora
Fedora
added 2023/05/11 1:53 a.m.30 views

[SECURITY] Fedora 37 Update: vtk-9.1.0-18.fc37

VTK is an open-source software system for image processing, 3D graphics, volume rendering and visualization. VTK includes many advanced algorithms e.g., surface reconstruction, implicit modeling, decimation and rendering techniques e.g., hardware-accelerated volume rendering, LOD control. NOTE: T...

7.5CVSS7.4AI score0.01066EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/05/11 12:0 a.m.20 views

Fedora 37 : vtk (2023-2cf9dd7d52)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2cf9dd7d52 advisory. Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr dereference Tenable has extracted the preceding description block directly from th...

7.5CVSS7.3AI score0.01066EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-4852-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.6AI score0.07107EPSS
Exploits2References2
vulnersOsv
vulnersOsv
added 2022/08/26 12:3 a.m.6 views

abinitostudio (>=1.0.1 <=1.0.8), aicsshparam (>=0.0.6 <=0.0.12) +6 more potentially affected by CVE-2021-42521 via vtk (>=8.1.2 <=9.0.0)

vtk PYPI version =8.1.2, =1.0.1, =0.0.6, =1.0.0.0, =0.1.262, =0.0.1.dev1, =0.17.0, =0.22.0 Source cves: CVE-2021-42521 Source advisory: OSV:GHSA-XFHG-9PJG-XG7G...

7.5CVSS7.1AI score0.01066EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/08/26 12:3 a.m.30 views

VTK NULL pointer dereference vulnerability

There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may...

7.5CVSS7.2AI score0.01066EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2022/08/25 6:15 p.m.8 views

CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

7.5CVSS0.01066EPSS
Exploits1References3
OSV
OSV
added 2022/08/25 6:15 p.m.12 views

CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

7.5CVSS7.4AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/08/25 6:15 p.m.39 views

CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

7.5CVSS7AI score0.01066EPSS
Exploits1References3
Prion
Prion
added 2022/08/25 6:15 p.m.12 views

Null pointer dereference

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

5CVSS7.4AI score0.01066EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2022/08/25 6:15 p.m.3 views

abinitostudio (>=1.0.1 <=1.0.8), aicsshparam (>=0.0.6 <=0.0.12) +6 more potentially affected by CVE-2021-42521 via vtk (>=8.1.2 <=9.0.0)

vtk PYPI version =8.1.2, =1.0.1, =0.0.6, =1.0.0.0, =0.1.262, =0.0.1.dev1, =0.17.0, =0.22.0 Source cves: CVE-2021-42521 Source advisory: OSV:PYSEC-2022-255...

7.5CVSS7.1AI score0.01066EPSS
Exploits1
Cvelist
Cvelist
added 2022/08/25 12:0 a.m.29 views

CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

7.6AI score0.01066EPSS
Exploits1References3
CVE
CVE
added 2022/08/25 12:0 a.m.89 views

CVE-2021-42521

VTK vulnerability CVE-2021-42521: a NULL pointer dereference in IO/Infovis/vtkXMLTreeReader.cxx due to the vendor not checking xmlDocGetRootElement’s return value. Affected: VTK before 9.2.5. Impact: possible crash of the application. Root cause: potential NULL dereference when parsing XML with l...

7.5CVSS7.3AI score0.01066EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/08/25 12:0 a.m.38 views

CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

7.5CVSS7.4AI score0.01066EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:38 p.m.70 views

USN-4852-1: VTK vulnerabilities

It was discovered that VTK incorrectly handled certain XML files in the embedded Expat library. An attacker could possibly use this issue to cause a denial of service or expose sensitive information...

7.8CVSS7.4AI score0.07107EPSS
Exploits2
Openbugbounty
Openbugbounty
added 2017/12/26 3:10 p.m.6 views

vtk-moscow.ru XSS vulnerability

Open Bug Bounty ID: OBB-459221 Description| Value ---|--- Affected Website:| vtk-moscow.ru Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...

6.4AI score
Exploits0
Rows per page
Query Builder