Vulnerabilities > Blender > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-11-06 | CVE-2009-3850 | Code Injection vulnerability in Blender Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA. | 9.3 |
| 2007-03-03 | CVE-2007-1253 | Code Injection vulnerability in Blender 2.25/2.36/2.37A Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file. | 9.3 |