luxion 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk memory corruption、バッファオーバーフロー、vendor risk xxe, and パス処理の欠陥 があり、vendor surface software deployment and vendor surface production workloads の利用場面で vendor impact memory corruption、アプリケーションクラッシュ, and ファイル上書き などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-7222 | Luxion KeyShot 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DM files. The issue results from the lack of proper validation of user-supplied data, which can result in a write pa | [email protected] | 7.8 | 0.25% | 2025-07-21 | 2025-08-11 |
| CVE-2025-1047 | Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of pvs files. The issue results from the lack of proper initialization of a pointer prior to accessing it. A | [email protected] | 7.8 | 0.38% | 2025-04-23 | 2025-08-07 |
| CVE-2025-1046 | Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the | [email protected] | 7.8 | 0.38% | 2025-04-23 | 2025-08-07 |
| CVE-2025-1045 | Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of the length of user-supplied d | [email protected] | 7.8 | 0.58% | 2025-04-23 | 2025-08-07 |
| CVE-2025-2532 | Luxion KeyShot USDC File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of usdc files. The issue results from the lack of validating the existence of an object prior to performing operations on th | [email protected] | 7.8 | 0.34% | 2025-03-25 | 2025-09-05 |
| CVE-2025-2531 | Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of dae files. The issue results from the lack of proper validation of the length of user-supplied data prior to c | [email protected] | 7.8 | 0.47% | 2025-03-25 | 2025-08-11 |
| CVE-2025-2530 | Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of dae files. The issue results from the lack of proper initialization of a pointer prior to accessing it. A | [email protected] | 7.8 | 0.32% | 2025-03-25 | 2025-08-11 |
| CVE-2025-0412 | Luxion KeyShot Viewer KSP File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of KSP files. The issue results from the lack of proper validation of user-supplied data, which can resul | [email protected] | 7.8 | 2.33% | 2025-01-13 | 2025-08-07 |
| CVE-2024-11581 | Luxion KeyShot JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of jt files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before | [email protected] | 7.8 | 1.59% | 2024-11-22 | 2024-12-20 |
| CVE-2024-11580 | Luxion KeyShot ABC File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of abc files. The issue results from the lack of proper validation of the length of user-supplied data prior to c | [email protected] | 7.8 | 2.36% | 2024-11-22 | 2024-12-20 |
| CVE-2024-11579 | Luxion KeyShot OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of obj files. The issue results from the lack of proper validation of user-supplied data, which can result in a write pa | [email protected] | 7.8 | 1.59% | 2024-11-22 | 2024-12-20 |
| CVE-2024-11578 | Luxion KeyShot 3DS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of the length of user-supplied data prior to | [email protected] | 7.8 | 2.30% | 2024-11-22 | 2025-01-03 |
| CVE-2024-11577 | Luxion KeyShot SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write pa | [email protected] | 7.8 | 1.59% | 2024-11-22 | 2024-12-20 |
| CVE-2024-11576 | Luxion KeyShot 3DS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of the length of user-supplied data prior to c | [email protected] | 7.8 | 2.31% | 2024-11-22 | 2024-12-20 |
| CVE-2024-5509 | Luxion KeyShot BIP File Parsing Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BIP files. The issue results from loading a library from an unsecured location. An attacker can leverage | [email protected] | 7.8 | 5.01% | 2024-06-06 | 2024-11-21 |
| CVE-2024-5508 | Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of user-supplied data, which can result | [email protected] | 7.8 | 2.58% | 2024-06-06 | 2024-11-21 |
| CVE-2024-5507 | Luxion KeyShot Viewer KSP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of the length of user-supplied | [email protected] | 7.8 | 3.88% | 2024-06-06 | 2024-11-21 |
| CVE-2024-5506 | Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of user-supplied data, which can result | [email protected] | 7.8 | 2.58% | 2024-06-06 | 2024-11-21 |
| CVE-2024-30375 | Luxion KeyShot Viewer KSP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of validating the existence of an object prior to performing oper | [email protected] | 7.8 | 0.57% | 2024-06-06 | 2024-11-21 |
| CVE-2024-30374 | Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of user-supplied data, which can result | [email protected] | 7.8 | 0.46% | 2024-06-06 | 2024-11-21 |