Lucene search
K

47 matches found

CVE
CVE
added 2022/10/14 7:50 p.m.84 views

CVE-2022-38443

Adobe Dimension 3.4.5 is affected by an out-of-bounds read in GLB file parsing, enabling potential disclosure of memory and bypass of ASLR. Exploitation requires user interaction (opening a malicious file). Affected product/component: Adobe Dimension, GLB parsing path. Root cause: out-of-bounds r...

5.5CVSS5.3AI score0.00325EPSS
CVE
CVE
added 2022/10/14 7:50 p.m.82 views

CVE-2022-38442

CVE-2022-38442 concerns Adobe Dimension prior to 3.4.6, where a use-after-free in SKP file parsing could allow arbitrary code execution in the current user context. Exploitation requires the victim to open a malicious file, making it a user-interaction–dependent issue. Public documents identify t...

7.8CVSS7.8AI score0.00497EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.82 views

CVE-2023-26356

Adobe Dimension is affected by CVE-2023-26356 (and related CVEs in APSB23-20) through an out-of-bounds read in USD file parsing, enabling information disclosure and memory exposure. The issue requires user interaction (victim opens a malicious USD file) and could bypass mitigations like ASLR. Aff...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.75 views

CVE-2023-26345

Adobe Dimension (Windows/macOS) before 3.4.8 is affected by an out-of-bounds read in 3.4.7 and earlier that could disclose memory contents. Exploitation requires a user to open a crafted file, potentially bypassing ASLR. The issue is addressed in the APSB23-20 update, which fixes the vulnerabilit...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2022/10/14 7:50 p.m.69 views

CVE-2022-38446

CVE-2022-38446 is a Use-After-Free vulnerability in Adobe Dimension (SKP file parsing) that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file or otherwise interact with content; the vulnerability is triggered via parsi...

7.8CVSS7.8AI score0.00389EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.69 views

CVE-2023-26335

Summary (CVE-2023-26335) Adobe Dimension 3.4.7 and earlier is affected by an out-of-bounds read when parsing a crafted file, enabling code execution in the user’s context. The vulnerability requires user interaction (victim must open a malicious file) and stems from out-of-bounds access in parsin...

7.8CVSS7.5AI score0.00353EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.69 views

CVE-2023-26346

CVE-2023-26346 affects Adobe Dimension up to version 3.4.7. The issue is an out-of-bounds read during USD file parsing, enabling information disclosure and potential bypass of ASLR. Exploitation requires user interaction (victim opens a crafted file). Connected sources confirm the vulnerability c...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.69 views

CVE-2023-26355

Adobe Dimension prior to 3.4.8 contains an out-of-bounds read vulnerability that can disclose memory and may bypass ASLR. The issue affects Dimension 3.4.7 and earlier and requires a user to open a malicious file (local attack vector). Public details confirm affected version range and impact as d...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2022/10/14 7:50 p.m.68 views

CVE-2022-38445

Adobe Dimension 3.4.5 is affected by a Use-After-Free vulnerability in SKP file parsing that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious SKP file) and is described as local with high impact on confidenti...

7.8CVSS7.8AI score0.00389EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.68 views

CVE-2023-26344

Adobe Dimension 3.4.7 and earlier are affected by an uninitialized pointer access vulnerability that can disclose memory and bypass ASLR. Exploitation requires a user to open a malicious file. Multiple connected sources (NVD/NCSC/CVE listings) corroborate the issue as a memory disclosure/pointer-...

5.5CVSS5.2AI score0.00332EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.68 views

CVE-2023-26348

Adobe Dimension has an out-of-bounds read vulnerability in USD file parsing affecting version 3.4.7 and earlier, potentially allowing memory disclosure and ASLR bypass. Exploitation requires user interaction (victim opens a malicious file). A fixed version is 3.4.8; apply the vendor update (APSB2...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2022/10/14 7:50 p.m.67 views

CVE-2022-38448

Adobe Dimension 3.4.5 is affected by a Use After Free vulnerability in SKP file parsing that could lead to arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Mitigation: update to 3.4.6 or later (per APSB22-57) or apply vendor-rel...

7.8CVSS7.8AI score0.00389EPSS
CVE
CVE
added 2022/10/14 7:50 p.m.66 views

CVE-2022-38441

CVE-2022-38441 affects Adobe Dimension 3.4.5 and earlier, with an out-of-bounds read when parsing a crafted file that could allow code execution in the user’s context. Exploitation requires user interaction (victim opens a malicious file). Connected sources confirm this as a local/assembly-level ...

7.8CVSS7.5AI score0.00453EPSS
CVE
CVE
added 2022/10/14 7:50 p.m.66 views

CVE-2022-38447

Adobe Dimension 3.4.5 is affected by a use-after-free vulnerability in SKP file parsing that could allow arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malicious file, and the issue is scored high in CVSS (local attacker, user interaction r...

7.8CVSS7.8AI score0.00389EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.66 views

CVE-2023-26336

Adobe Dimension 3.4.7 and earlier contains a Use-After-Free vulnerability in USD file parsing that could allow arbitrary code execution when a user opens a crafted file. The issue requires user interaction and is listed under APSB23-20; remediation is to update to Dimension 3.4.8 (per ENISA/NCSc ...

7.8CVSS7.7AI score0.00387EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.66 views

CVE-2023-26349

Adobe Dimension CVE-2023-26349 is a Use-After-Free vulnerability affecting Dimension 3.4.7 and earlier that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). The issue is addressed in the 3.4.8 update (per ENISA/NCSC advisories and...

5.5CVSS5AI score0.00365EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.66 views

CVE-2023-26351

CVE-2023-26351 refers to Adobe Dimension USD file parsing: an out-of-bounds read in Dimension 3.4.7 and earlier could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). A fixed version is 3.4.8 (per APSB23-20; advisory notes a security update ...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2022/10/14 7:50 p.m.65 views

CVE-2022-38440

CVE-2022-38440 affects Adobe Dimension 3.4.5, with an out-of-bounds read during parsing of a crafted file that could allow code execution in the caller’s context. Exploitation requires user interaction (victim must open a malicious file). The issue is addressed in a subsequent update (3.4.6+; APS...

7.8CVSS7.5AI score0.00453EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.65 views

CVE-2023-26337

CVE-2023-26337 is a stack-based buffer overflow in Adobe Dimension ≤ 3.4.7 that allows arbitrary code execution in the context of the current user. Exploitation requires a user to open a crafted file (social/interaction). Public sources confirm the flaw affects Dimension 3.4.7 and earlier. Adobe ...

7.8CVSS7.7AI score0.00421EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.65 views

CVE-2023-26341

Adobe Dimension 3.4.7 and earlier is affected by an out-of-bounds read that can disclose memory contents and bypass mitigations like ASLR. Exploitation requires user interaction (victim opens a crafted file). Affected product: Adobe Dimension (Windows/macOS) with 3.4.7 and earlier. Root cause: ou...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.64 views

CVE-2023-26353

Adobe Dimension before 3.4.8 is affected by an out-of-bounds read vulnerability in USD file parsing that could disclose sensitive memory and bypass mitigations such as ASLR. Exploitation requires a victim to open a malicious file (user interaction). No in-the-wild exploitation is documented in th...

5.5CVSS4.9AI score0.00357EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.63 views

CVE-2023-26338

The CVE-2023-26338 entry applies to Adobe Dimension versions up to 3.4.7, with an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires user interaction (open a malicious file). Public references describe the issue across multiple sources (NVD/NCSC/Adobe APSB23-20) an...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2025/05/13 8:15 p.m.63 views

CVE-2025-43572

Adobe Dimension ( Dimension 4.1.2 and earlier ) is affected by an out-of-bounds write vulnerability that could enable arbitrary code execution in the current user context. Exploitation requires the victim to open a malicious file. Root cause: memory boundary management failure. Impact is high per...

7.8CVSS7.9AI score0.00179EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.62 views

CVE-2023-26350

Adobe Dimension 3.4.7 and earlier are affected by an out-of-bounds read that can disclose sensitive memory and, per the sources, may bypass ASLR. Exploitation requires user interaction (victim opens a crafted file). A fix is available: Adobe APSB23-20, updating Dimension to 3.4.8 (NCSC confirms 3...

5.5CVSS5.2AI score0.00332EPSS
CVE
CVE
added 2022/10/14 7:50 p.m.61 views

CVE-2022-38444

CVE-2022-38444 affects Adobe Dimension 3.4.5 and is a Use-After-Free vulnerability in the SKP file parsing path that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a crafted file). The issue is addressed in the Dim...

7.8CVSS7.8AI score0.00497EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.59 views

CVE-2023-26342

Adobe Dimension up to version 3.4.7 is affected by a GLB file-parsing out-of-bounds read vulnerability (CVE-2023-26342) that can disclose memory and bypass ASLR. Exploitation requires user interaction (open a malicious file). Updates to 3.4.8 are available and fixed per APSB23-20 and NCSC advisor...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.59 views

CVE-2023-26354

Adobe Dimension 3.4.7 and earlier is affected by CVE-2023-26354, an out-of-bounds read in USD file parsing that can disclose sensitive memory and potentially bypass ASLR. Exploitation requires user interaction (opening a malicious file). Publicly documented impact is memory disclosure with a loca...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.58 views

CVE-2023-26334

CVE-2023-26334 affects Adobe Dimension 3.4.7 and earlier, with an uninitialized pointer access vulnerability that can lead to arbitrary code execution in the current user’s context. Exploitation requires the victim to open a malicious file (user interaction). The issue is documented in NVD and li...

7.8CVSS7.7AI score0.00353EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.57 views

CVE-2023-26339

Adobe Dimension has a confirmed out-of-bounds read vulnerability affecting version 3.4.7 and earlier (CVE-2023-26339). The issue occurs during OBJ/file parsing and can lead to disclosure of sensitive memory; exploitation requires user interaction (victim opens a malicious file). A fix is availabl...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2024/10/09 8:51 a.m.57 views

CVE-2024-45146

Adobe Dimension (versions 4.0.3 and earlier) is affected by a Use-After-Free vulnerability (CVE-2024-45146) that can lead to arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. A patch is available via APSB24-74; update to Dimensio...

7.8CVSS7.8AI score0.00344EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.56 views

CVE-2023-25903

Summary: CVE-2023-25903 affects Adobe Dimension up to version 3.4.7. The issue is an Integer Overflow/Wraparound in USDZ handling that can lead to arbitrary code execution in the context of the current user when a malicious file is opened. Exploitation requires user interaction. Impact: arbitrary...

7.8CVSS7.8AI score0.00353EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.55 views

CVE-2023-26340

CVE-2023-26340 affects Adobe Dimension up to version 3.4.7. A vulnerability in parsing OBJ-related input leads to an out-of-bounds read, causing potential disclosure of memory and enabling bypass of mitigations like ASLR. Exploitation requires user interaction (victim must open a malicious file)....

5.5CVSS5.2AI score0.00332EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.54 views

CVE-2023-26343

Adobe Dimension 3.4.7 and earlier are affected by an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). A fixed release is 3.4.8; advisories (APSB23-20) describe updates to address these vulnerabilities. Connected source...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2024/10/09 8:51 a.m.54 views

CVE-2024-45150

Summary (CVE-2024-45150): Adobe Dimension prior to and including 4.0.3 contains an out-of-bounds write vulnerability that can lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to interact with a malicious file opened by the user. Affected versio...

7.8CVSS7.8AI score0.00269EPSS
CVE
CVE
added 2023/03/28 12:0 a.m.53 views

CVE-2023-26352

Adobe Dimension 3.4.7 and earlier are affected by an out-of-bounds read in USD file parsing that can disclose memory contents. Exploitation requires user interaction (victim opens a malicious file) and is described as enabling information disclosure with high confidentiality impact; attack vector...

5.5CVSS4.9AI score0.00332EPSS
CVE
CVE
added 2025/05/13 8:15 p.m.49 views

CVE-2025-43548

Adobe Dimension

7.8CVSS7.9AI score0.00181EPSS
CVE
CVE
added 2023/12/13 1:10 p.m.45 views

CVE-2023-47061

Summary of CVE-2023-47061 : Affected product is Adobe Dimension (versions 3.4.10 and earlier). The vulnerability is an out-of-bounds read in the GLB/file parsing code that can disclose sensitive memory and may bypass ASLR. Exploitation requires user interaction (victim must open a malicious file)...

5.5CVSS5AI score0.00424EPSS
CVE
CVE
added 2023/12/13 1:10 p.m.44 views

CVE-2023-47062

Adobe Dimension prior to 3.4.11 is affected by an out-of-bounds read (memory disclosure) in GLTF/file parsing, enabling an attacker to bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Remediation: update to 3.4.11 (APSB23-71); advisories confirm vulnerability d...

5.5CVSS5AI score0.00367EPSS
CVE
CVE
added 2023/12/13 1:10 p.m.40 views

CVE-2023-47078

Adobe Dimension

5.5CVSS5AI score0.00424EPSS
CVE
CVE
added 2023/12/13 1:10 p.m.38 views

CVE-2023-47079

Adobe Dimension

5.5CVSS5AI score0.00367EPSS
CVE
CVE
added 2025/07/08 5:29 p.m.27 views

CVE-2025-30312

CVE-2025-30312 affects Dimension versions 4.1.2 and earlier. The issue is an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user, with exploitation requiring the victim to open a malicious file. Multiple connected sources confirm the affected...

7.8CVSS7AI score0.0017EPSS
CVE
CVE
added 2025/08/12 10:33 p.m.27 views

CVE-2025-54238

Adobe Dimension is affected on versions 4.1.3 and earlier by an out-of-bounds read (CWE-125) that could disclose sensitive memory. The vulnerability requires user interaction (victim opens a malicious file). The issue is addressed by the APSB25-84 security update, which states to upgrade to versi...

5.5CVSS6.4AI score0.00188EPSS
CVE
CVE
added 2025/07/08 5:29 p.m.26 views

CVE-2025-47135

Adobe Dimension 4.1.2 per APSB25-63 (Adobe advisory).

5.5CVSS5.8AI score0.00179EPSS
CVE
CVE
added 2025/10/14 7:34 p.m.21 views

CVE-2025-61798

CVE-2025-61798 affects Adobe Dimension versions 4.1.4 and earlier. It is an out-of-bounds read vulnerability in the parser for a crafted file, potentially allowing code execution in the context of the current user. Exploitation requires user interaction (the victim opens a malicious file). Connec...

7.8CVSS6.7AI score0.00201EPSS
CVE
CVE
added 2025/10/14 7:34 p.m.21 views

CVE-2025-61800

Adobe Dimension is affected by CVE-2025-61800: Dimension versions 4.1.4 and earlier suffer from an Integer Overflow or Wraparound vulnerability that could enable arbitrary code execution in the current user context. Exploitation requires user interaction, specifically the victim opening a malicio...

7.8CVSS7.3AI score0.00201EPSS
CVE
CVE
added 2025/10/14 7:34 p.m.17 views

CVE-2025-61801

Summary (CVE-2025-61801) Adobe Dimension versions 4.1.4 and earlier are affected by a Use After Free vulnerability in Dimension components, leading to arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. Affected produc...

7.8CVSS7.3AI score0.0021EPSS
CVE
CVE
added 2025/10/14 7:34 p.m.14 views

CVE-2025-61799

CVE-2025-61799 affects Adobe Dimension

7.8CVSS6.7AI score0.00201EPSS