Albin Eldstål-Ahrens issues

Results 12 issues of


                                            Albin Eldstål-Ahrens

NULL pointer dereference in AMF XML parser (metadata tag without type attribute)

### Summary A crafted AMF XML document can cause a crash due to a NULL pointer dereference during parsing. ### Vulnerable versions * Slic3r (commit b1a5500f427700ac3dffc0e7d9535ea65f993537) ### Step to reproduce...

NULL pointer dereference in 3MF XML parser (slic3r:volume tag without ts/te/modifier attribute)

### Summary A crafted 3MF XML document can cause a crash due to a NULL pointer dereference during parsing. ### Vulnerable versions * Slic3r (commit b1a5500f427700ac3dffc0e7d9535ea65f993537) ### Step to reproduce...

NULL pointer dereference in 3MF XML parser (triangle tag without v1/v2/v3 attribute)

NULL pointer dereference in 3MF XML parser (vertex tag without x/y/z attribute)

Added missing bounds check to TriangleMesh constructor

This fixes issue #5115 and the long-standing CVE-2020-28590.

Security: Out of bounds read in OBJ face parser

### Summary An out-of-bounds read in the OBJ file parsing leads to segmentation fault and potential information disclosure. ### Vulnerable versions * Slic3r (commit b1a5500f427700ac3dffc0e7d9535ea65f993537) ### Step to reproduce 1....

Register team LuftensHjaltar

Security issues

Good day! I have identified an urgent security issue in weby, and would like to report it to the maintainer team. The project does not have a Security policy on...

Fix issue #13, OS command injection

Security vulnerability: OS command injection in web interface

An OS command injection vulnerability exists in the web interface of mobro-raspberrypi. It allows an unauthenticated attacker to execute arbitrary OS commands on the host, with the privileges of the...