Product
Open Babel Heap Buffer Overflow in SMILES Parsing (CVE-2025-10996)
1 CVEA heap buffer overflow vulnerability (CVE-2025-10996) in Open Babel's `OBSmilesParser::ParseSmiles` function allows attackers to achieve denial of service or arbitrary code execution by crafting and supplying a malformed SMILES input string to affected versions up to 3.1.1.
Open Babel Heap Buffer Overflow in ChemKin Parser (CVE-2025-10997)
1 TTP 1 CVEA heap buffer overflow vulnerability (CVE-2025-10997) in Open Babel's ChemKin parser allows an attacker to achieve memory corruption when a victim processes a specially crafted ChemKin file, potentially leading to denial of service or arbitrary code execution.
Open Babel Has Uninitialized Pointer Dereference in MSI Atom Parser
1 TTP 1 CVEA memory-safety vulnerability (CVE-2022-44451) in Open Babel's MSI parser allows for an uninitialized pointer dereference when processing a specially crafted MSI input file, affecting versions prior to 3.2.0 and potentially leading to application instability or denial of service when a victim opens a malicious file.
Open Babel PQS Parser Uninitialized Pointer Dereference (CVE-2022-46280)
1 CVEA memory-safety vulnerability, CVE-2022-46280, in Open Babel's PQS parser (versions prior to 3.2.0) allows an uninitialized pointer dereference when processing a specially crafted input file, potentially leading to application crashes and denial of service if a victim opens a malicious PQS file.
Open Babel MOPAC Parser Out-of-Bounds Write Vulnerability (CVE-2022-46294)
3 TTPs 1 CVEA memory-safety vulnerability (CVE-2022-46294) in Open Babel's MOPAC input parser allows an out-of-bounds write into the `translationVectors[]` array when reading more than three Tv atoms from a crafted MOPAC input file, which can lead to application crash or arbitrary code execution upon victim processing the file.
Open Babel Out-of-Bounds Write in MSI Parser (CVE-2022-46295)
1 TTP 1 CVEAn out-of-bounds write vulnerability (CVE-2022-46295) in Open Babel's MSI parser allows remote attackers to cause memory corruption, denial of service, or potentially arbitrary code execution when a victim opens a specially crafted MSI file using the `obabel` tool or any application linked to the `OBConversion` API.