Security Vulnerabilities
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-04
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-04
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-04
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-04
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer.
This issue affects Apache Answer: through 1.7.1.
An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. This allows unauthorized user to retrieve restricted or sensitive information.
Users are recommended to upgrade to version 2.0.0, which fixes the issue.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-02-04
Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.
CVSS Score
6.6
EPSS Score
0.0
Published
2026-02-04
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.
CVSS Score
6.0
EPSS Score
0.0
Published
2026-02-04
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-04
Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-02-04
Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-02-04