CVE-2026-34676 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34675

Substance3D Painter prior to version 12.0.3 is affected by an out-of-bounds write vulnerability (CWE-787) that can enable arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. Affected product: Substance3D Paint...

CVE-2026-34675 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2024-45973

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-6023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana...

Projeqtor 代码问题漏洞

Projeqtor is an open source PHP-based project management software from the Projeqtor community. The software is used to organize various functions required for multiple projects and is suitable for IT projects. A code issue vulnerability exists in Projeqtor 12.0.2 and earlier versions, which stem...

CVE-2024-55554

Intrexx Portal Server before 12.0.2 allows XSS via a user-defined portlet...

Delinea Privilege Manager 安全漏洞

Delinea Privilege Manager is a cloud-based software from Delinea. A security vulnerability exists in Delinea Privilege Manager versions prior to 12.0.2 that stems from incorrectly handling the security of the Windows agent...

PT-2024-35491 · Delinea · Delinea Privilege Manager

Name of the Vulnerable Software and Affected Versions: Delinea Privilege Manager versions prior to 12.0.2 Description: The issue is related to the mishandling of security by the Windows agent in Delinea Privilege Manager. Recommendations: For versions prior to 12.0.2, update to version 12.0.2 or...

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to security restrictions bypass [CVE-2024-24789]

Summary Golang Go is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operator and operands are vulnerable to security restrictions bypass. This bulletin provides patch information to address the reported vulnerability in Golang Go package...

CVE-2022-35708

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2022-35701

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Cross site scripting

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Cross site scripting

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Design/Logic Flaw

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context ...

Design/Logic Flaw

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context ...

Heap overflow

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2022-35706 Adobe Bridge SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2022-35707

Adobe Bridge 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read when parsing crafted files, potentially allowing code execution under the current user. The issue is caused by parsing a crafted file and requires user interaction (victim must open the malicious file...

CVE-2022-35704 Adobe Bridge SVG File Parsing Use-After-Free Remote Code Execution Vulnerability

Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...