Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blender vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-1102
Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote malicious users to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image.
Blender Blender 2.45
7.5
CVSSv2
CVE-2005-3151
Buffer overflow in blenderplay in Blender Player 2.37a allows malicious users to execute arbitrary code via a long command line argument.
Blender Blender 2.37a
7.5
CVSSv2
CVE-2005-3302
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows malicious users to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.
Blender Blender 2.36
Debian Debian Linux 3.1
1 EDB exploit
5.1
CVSSv2
CVE-2022-0546
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an malicious user to cause denial of service, memory corruption or potentially code execution.
Blender Blender 2.93.8
Blender Blender 3.0
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2.6
CVSSv2
CVE-2022-0544
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an malicious user to read sensitive data using a crafted DDS image file. This flaw affects Blender versions before 2.83.19, 2.93.8 and 3.1.
Blender Blender
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.1
CVSSv2
CVE-2022-0545
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an malicious user to leak sensitive information or achieve code execution in the context of the Blender process when a specially c...
Blender Blender
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.8
CVSSv2
CVE-2017-12082
An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for...
Blender Blender 2.78c
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-12086
An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution und...
Blender Blender 2.78c
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-12081
An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context ...
Blender Blender 2.78c
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-12099
An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code executio...
Blender Blender 2.78c
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »