CVE-2022-2833

all versions

Endless Infinite loop in Blender-thumnailing due to logical bugs.

7.5HIGH

CVE-2022-2832

all versions

A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to l

7.5HIGH

CVE-2022-2831

all versions

A flaw was found in Blender 3.3.0. An interger overflow in source/blender/blendthumb/src/blendthumb_extract.cc may lead to program

7.5HIGH

CVE-2022-0546

all versions

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker

7.8HIGH

CVE-2022-0545

< 2.83.19

An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vuln

7.8HIGH

CVE-2022-0544

< 2.83.19

An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive

5.5MEDIUM

CVE-2017-2918

all versions

An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A s

7.8HIGH

CVE-2017-2908

all versions

An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c.

7.8HIGH

CVE-2017-2907

all versions

An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version

7.8HIGH

CVE-2017-2906

all versions

An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version

7.8HIGH

CVE-2017-2905

all versions

An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c

7.8HIGH

CVE-2017-2904

all versions

An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version

7.8HIGH

CVE-2017-2903

all versions

An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c

7.8HIGH

CVE-2017-2902

all versions

An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c

7.8HIGH

CVE-2017-2901

all versions

An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78

7.8HIGH

CVE-2017-2900

all versions

An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c

7.8HIGH

CVE-2017-2899

all versions

An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78

7.8HIGH

CVE-2017-12105

all versions

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular objec

7.8HIGH

CVE-2017-12104

all versions

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A

7.8HIGH

CVE-2017-12103

all versions

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as

7.8HIGH

CVE-2017-12102

all versions

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygon

7.8HIGH

CVE-2017-12101

all versions

An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creat

7.8HIGH

CVE-2017-12100

all versions

An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2

7.8HIGH

CVE-2017-12099

all versions

An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation

7.8HIGH

CVE-2017-12086

all versions

An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creatio

7.8HIGH

CVE-2017-12082

all versions

An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite

7.8HIGH

CVE-2017-12081

all versions

An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.7

7.8HIGH

CVE-2010-5105

<= 2.63a

The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a

CVE-2009-3850

all versions

Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python stat

CVE-2008-4863

all versions

Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan hor

CVE-2008-1103

all versions

Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues."

CVE-2008-1102

all versions

Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary

CVE-2007-1253

<= 2.42a

Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allow

CVE-2005-4470

<= 2.40_pre

Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attacke

CVE-2005-3302

all versions

Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy el

7.3HIGH

CVE-2005-3151

all versions

Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument