| BDSA-2026-9031 |
|
Medium |
May 06, 2026 |
Assimp is vulnerable to denial-of-service (DoS) due to a NULL pointer dereference. This could allow an unauthenticated remote attacker to cause a denia
more...
Assimp is vulnerable to denial-of-service (DoS) due to a NULL pointer dereference. This could allow an unauthenticated remote attacker to cause a denial-of-service (DoS) by supplying a crafted FBX file with empty token lists, potentially leading to a crash during the import process.
less...
|
|
| BDSA-2026-9030 |
|
Medium |
May 06, 2026 |
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. A remote unauthenticated attacker could exploit this by supplying a craf
more...
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. A remote unauthenticated attacker could exploit this by supplying a crafted FBX file containing an excessively long material property name, which could cause a write beyond the fixed-size material-property key buffer, potentially allowing code execution. Successful exploitation could allow for memory corruption, which could be leveraged to achieve more serious confidentiality, integrity or availability impacts.
less...
|
|
| BDSA-2026-9029 |
|
Medium |
May 06, 2026 |
Assimp is vulnerable to denial-of-service (DoS) due to uncontrolled resource consumption. A remote unauthenticated attacker could exploit this by suppl
more...
Assimp is vulnerable to denial-of-service (DoS) due to uncontrolled resource consumption. A remote unauthenticated attacker could exploit this by supplying a crafted FBX file, which could cause excessive memory allocation or process termination.
less...
|
|
| BDSA-2026-13493 |
|
Low |
Jun 12, 2026 |
Assimp is vulnerable to data exposure due to an out-of-bounds read. An authenticated local attacker could exploit this by supplying a crafted MDL file,
more...
Assimp is vulnerable to data exposure due to an out-of-bounds read. An authenticated local attacker could exploit this by supplying a crafted MDL file, which could read memory beyond the intended buffer, which could expose data.
less...
|
|
| BDSA-2026-13492 |
|
Medium |
Jun 12, 2026 |
Assimp is vulnerable to memory corruption due to a use-after-free. A local authenticated attacker could exploit this in order to cause a crash in the a
more...
Assimp is vulnerable to memory corruption due to a use-after-free. A local authenticated attacker could exploit this in order to cause a crash in the application or achieve arbitrary code execution. Successful exploitation could be leveraged to achieve more serious confidentiality, integrity or availability impacts.
less...
|
|
| BDSA-2026-13490 |
|
Medium |
Jun 12, 2026 |
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. A local authenticated attacker could exploit this in order to cause appl
more...
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. A local authenticated attacker could exploit this in order to cause application crashes or other unintended behavior. Successful exploitation could be leveraged to achieve more serious confidentiality, integrity or availability impacts.
less...
|
|
| BDSA-2026-13489 |
|
Medium |
Jun 12, 2026 |
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. An authenticated local attacker could exploit this by sending a crafted
more...
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. An authenticated local attacker could exploit this by sending a crafted Half-Life 1 MDL file, which could cause a crash or allow for arbitrary code execution. Successful exploitation could be leveraged to achieve more serious confidentiality, integrity or availability impacts.
less...
|
|
| BDSA-2026-13488 |
|
Medium |
Jun 12, 2026 |
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. An authenticated local attacker could exploit this by supplying a crafte
more...
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. An authenticated local attacker could exploit this by supplying a crafted Half-Life 1 MDL file, which could cause application crashes or allow for arbitrary code execution. Successful exploitation could be leveraged to achieve more serious confidentiality, integrity or availability impacts.
less...
|
|
| BDSA-2026-13487 |
|
Low |
Jun 12, 2026 |
Assimp is vulnerable to denial-of-service (DoS) due to improper UV channel validation. A local authenticated attacker could exploit this by supplying a
more...
Assimp is vulnerable to denial-of-service (DoS) due to improper UV channel validation. A local authenticated attacker could exploit this by supplying a crafted FBX file, which could cause a division by zero when a UV channel exists with zero components potentially crashing the application.
less...
|
|
| BDSA-2026-13486 |
|
Medium |
Jun 12, 2026 |
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. A local authenticated attacker could exploit this by supplying a crafted
more...
Assimp is vulnerable to memory corruption due to a heap-based buffer overflow. A local authenticated attacker could exploit this by supplying a crafted glTF file, which could cause an out-of-bounds read potentially leaking sensitive data or causing application crashes. Successful exploitation could be leveraged to achieve more serious confidentiality, integrity or availability impacts.
less...
|
|