CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-0545 – Gentoo Linux Security Advisory 202403-02
https://notcve.org/view.php?id=CVE-2022-0545
24 Feb 2022 — An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. Un desbordamiento de enteros en el procesamiento de imágenes 2D cargadas conlleva a una vulnerabilidad de escritura y lectura fuera de límit... • https://developer.blender.org/T94629 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-0544 – Gentoo Linux Security Advisory 202403-02
https://notcve.org/view.php?id=CVE-2022-0544
24 Feb 2022 — An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. Un desbordamiento de enteros en el cargador DDS de Blender conlleva a una lectura fuera de límites, permitiendo posiblemente a un atacante leer datos confidenciales usando un archivo de imagen DDS diseñado. Este fallo afecta a Blender versiones anteriores a 2.83.19, 2.93.8 y ... • https://developer.blender.org/T94661 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5105
https://notcve.org/view.php?id=CVE-2010-5105
27 Apr 2014 — The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103. La rutina de deshacer guardar salir en el kernel en Blender 2.5, 2.63a, y anteriores permite a usuarios locales sobrescribir archivos arbitrarios a través de un ataque symlink sobre el archivo quit.blend temporal. NOTA: este problema podría ser una regresión de CVE-2008-1103. • http://lists.opensuse.org/opensuse-updates/2013-02/msg00047.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 2CVE-2009-3850 – Blender 2.34/2.35a/2.4/2.49b - '.blend' Command Injection
https://notcve.org/view.php?id=CVE-2009-3850
06 Nov 2009 — Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA. Blender v2.34, v2.35a, v2.40, y v2.49b permite a atacantes remotos ejecutar código de su elección mediante un fichero .blend que contenga sentencias Python en la acción onLoad de un ScriptLink SDNA. Multiple vulnerabilities have been found in Blender, the worst of which could allow attackers to execute arbitrary code. Versions les... • https://www.exploit-db.com/exploits/9843 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2008-4863
https://notcve.org/view.php?id=CVE-2008-4863
31 Oct 2008 — Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function. Vulnerabilidad de ruta de búsqueda no confiada en BPY_interface in Blender v2.46 permite a usuarios locales ejecutar código de su elección mediante un archivo Python caballo de troya en el directorio actual, relacionado con una configuración errónea de sys.p... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503632 •
CVSS: 7.8EPSS: 7%CPEs: 1EXPL: 0CVE-2008-1102 – Gentoo Linux Security Advisory 201311-07
https://notcve.org/view.php?id=CVE-2008-1102
21 Apr 2008 — Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image. Desbordamiento de búfer basado en pila en la función imb_loadhdr de Blender 2.45 permite a atacantes remotos asistidos por el usuario ejecutar código de su elección a través de un fichero .blend que contiene imágenes Radiance RGBE manipuladas. Multiple vulnerabilities have been found in Blender, the worst of whi... • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 4EXPL: 0CVE-2007-1253
https://notcve.org/view.php?id=CVE-2007-1253
03 Mar 2007 — Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file. Vulnerabilidad de inyección de evaluación en el (a) Script para Blender 0.1.9h kmz_ImportWithMesh.py tal y como se usa en (b) Blender versiones anteriores a 2.43, permite a usuarios remotos con la ayuda del usuario ejecutar código Pyton de su elección importando un fi... • http://osvdb.org/33836 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 2CVE-2005-3302 – Blender 2.36 - '.BVF' File Import Python Code Execution
https://notcve.org/view.php?id=CVE-2005-3302
24 Oct 2005 — Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call. • https://www.exploit-db.com/exploits/27728 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2005-3151
https://notcve.org/view.php?id=CVE-2005-3151
05 Oct 2005 — Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument. • http://secunia.com/advisories/17013 •