| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion. An attacker could intentionally crash a target program that uses OpenEXR by sending a malicious MTLX file. This is fixed in version 1.39.3. |
| MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. An attacker could intentionally crash a target program that uses OpenEXR by sending a malicious MTLX file. This is fixed in version 1.39.3. |
| MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. An attacker could intentionally crash a target program that uses MaterialX by sending a malicious MTLX file. This is fixed in version 1.39.3. |
| NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the default_keywords crafted parameter. This vulnerability is fixed in 2.2.4. |
| Memory corruption may occur while processing device IO control call for session control. |
| Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads. |
| Memory corruption while processing memory map or unmap IOCTL operations simultaneously. |
| Memory corruption while processing IOCTL calls. |
| Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory. |
| A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks. |
| memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed. |
| Transient DOS while processing the tone measurement response buffer when the response buffer is out of range. |
| Memory corruption during dynamic process creation call when client is only passing address and length of shell binary. |
| Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC. |
| Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources. |
| Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. |
| A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
| Cross Site Scripting vulnerability in grav v.1.7.48, v.1.7.47 and v.1.7.46 allows an attacker to execute arbitrary code via the onerror attribute of the img element |
| Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. |
| Transient DOS while creating NDP instance. |
