CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-0545 – Gentoo Linux Security Advisory 202403-02
https://notcve.org/view.php?id=CVE-2022-0545
24 Feb 2022 — An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. Un desbordamiento de enteros en el procesamiento de imágenes 2D cargadas conlleva a una vulnerabilidad de escritura y lectura fuera de límit... • https://developer.blender.org/T94629 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-0544 – Gentoo Linux Security Advisory 202403-02
https://notcve.org/view.php?id=CVE-2022-0544
24 Feb 2022 — An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. Un desbordamiento de enteros en el cargador DDS de Blender conlleva a una lectura fuera de límites, permitiendo posiblemente a un atacante leer datos confidenciales usando un archivo de imagen DDS diseñado. Este fallo afecta a Blender versiones anteriores a 2.83.19, 2.93.8 y ... • https://developer.blender.org/T94661 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-12081 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-12081
24 Apr 2018 — An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la actualización de un atributo Mesh heredado de l... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-12082 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-12082
24 Apr 2018 — An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to edit an object within a .blend library in their Scene in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la funcio... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-12086 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-12086
24 Apr 2018 — An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la funcionalidad 'BKE_mesh_calc_normals_tessface' de la suite d... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-12099 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-12099
24 Apr 2018 — An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la actualización del atributo 'tface' de... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-12100 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-12100
24 Apr 2018 — An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la funcionalidad 'multires_load_old_dm' de la suite de código abie... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-12101 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-12101
24 Apr 2018 — An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open a .blend file in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la funcionalidad 'modifier_mdef_compact_influences' de... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-12102 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-12102
24 Apr 2018 — An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la forma en la que la suite de código abierto... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1CVE-2017-12103 – Debian Security Advisory 4248-1
https://notcve.org/view.php?id=CVE-2017-12103
24 Apr 2018 — An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use the file as a library in order to trigger this vulnerability. Existe un desbordamiento de enteros explotable en la forma en la que la suite... • https://lists.debian.org/debian-lts-announce/2018/08/msg00011.html • CWE-190: Integer Overflow or Wraparound •