CVE-2020-13494

MEDIUM Year: 2020
CVSS v3 Score
4.3
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-122
View all →

Vulnerability Description

A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, victim needs to access an attacker-provided malformed file.

Related Vulnerabilities

CVE-2022-3437

MEDIUM
CVSS:4.3(Medium)

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI lib...

CWE-1222022

CVE-2024-27245

MEDIUM
CVSS:4.3(Medium)

Buffer overflow in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.

CWE-1222024

CVE-2024-39133

MEDIUM
CVSS:4.3(Medium)

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c.

CWE-1222024

CVE-2024-46632

MEDIUM
CVSS:4.3(Medium)

Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function.

CWE-1222024

CVE-2025-22134

MEDIUM
CVSS:4.2(Medium)

When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to...

CWE-1222025

CVE-2024-43790

MEDIUM
CVSS:4.5(Medium)

Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen ...

CWE-1222024