How severe is CVE-2025-2755?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2025-2755?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2025-2755 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as critical. Affected by this issue is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument src.entries leads to out-of-bounds read. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2013-3245

MEDIUM

CVSS:6.3(Medium)

plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a ...

CWE-1192013

CVE-2016-1176

MEDIUM

CVSS:6.3(Medium)

Buffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page.

CWE-1192016

CVE-2016-1628

MEDIUM

CVSS:6.3(Medium)

pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of ser...

CWE-1192016

CVE-2016-1737

MEDIUM

CVSS:6.3(Medium)

Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.

CWE-1192016

CVE-2016-2837

MEDIUM

CVSS:6.3(Medium)

Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remot...

CWE-1192016

CVE-2016-5728

MEDIUM

CVSS:6.3(Medium)

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memo...

CWE-1192016