Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blender blender vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1102
Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote malicious users to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image.
Blender Blender 2.45
NA
CVE-2008-4863
Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.
Blender Blender 2.46
NA
CVE-2005-3302
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows malicious users to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.
Blender Blender 2.36
Debian Debian Linux 3.1
1 EDB exploit
7.8
CVSSv3
CVE-2022-0546
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an malicious user to cause denial of service, memory corruption or potentially code execution.
Blender Blender 2.93.8
Blender Blender 3.0
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2022-0544
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an malicious user to read sensitive data using a crafted DDS image file. This flaw affects Blender versions before 2.83.19, 2.93.8 and 3.1.
Blender Blender
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2022-0545
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an malicious user to leak sensitive information or achieve code execution in the context of the Blender process when a specially c...
Blender Blender
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2017-12100
An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under ...
Blender Blender 2.78c
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-12102
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context o...
Blender Blender 2.78c
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-12081
An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context ...
Blender Blender 2.78c
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-12082
An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for...
Blender Blender 2.78c
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »