47 matches found
CVE-2022-38443
Adobe Dimension 3.4.5 is affected by an out-of-bounds read in GLB file parsing, enabling potential disclosure of memory and bypass of ASLR. Exploitation requires user interaction (opening a malicious file). Affected product/component: Adobe Dimension, GLB parsing path. Root cause: out-of-bounds r...
CVE-2022-38442
CVE-2022-38442 concerns Adobe Dimension prior to 3.4.6, where a use-after-free in SKP file parsing could allow arbitrary code execution in the current user context. Exploitation requires the victim to open a malicious file, making it a user-interaction–dependent issue. Public documents identify t...
CVE-2023-26356
Adobe Dimension is affected by CVE-2023-26356 (and related CVEs in APSB23-20) through an out-of-bounds read in USD file parsing, enabling information disclosure and memory exposure. The issue requires user interaction (victim opens a malicious USD file) and could bypass mitigations like ASLR. Aff...
CVE-2023-26345
Adobe Dimension (Windows/macOS) before 3.4.8 is affected by an out-of-bounds read in 3.4.7 and earlier that could disclose memory contents. Exploitation requires a user to open a crafted file, potentially bypassing ASLR. The issue is addressed in the APSB23-20 update, which fixes the vulnerabilit...
CVE-2022-38446
CVE-2022-38446 is a Use-After-Free vulnerability in Adobe Dimension (SKP file parsing) that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file or otherwise interact with content; the vulnerability is triggered via parsi...
CVE-2023-26335
Summary (CVE-2023-26335) Adobe Dimension 3.4.7 and earlier is affected by an out-of-bounds read when parsing a crafted file, enabling code execution in the user’s context. The vulnerability requires user interaction (victim must open a malicious file) and stems from out-of-bounds access in parsin...
CVE-2023-26346
CVE-2023-26346 affects Adobe Dimension up to version 3.4.7. The issue is an out-of-bounds read during USD file parsing, enabling information disclosure and potential bypass of ASLR. Exploitation requires user interaction (victim opens a crafted file). Connected sources confirm the vulnerability c...
CVE-2023-26355
Adobe Dimension prior to 3.4.8 contains an out-of-bounds read vulnerability that can disclose memory and may bypass ASLR. The issue affects Dimension 3.4.7 and earlier and requires a user to open a malicious file (local attack vector). Public details confirm affected version range and impact as d...
CVE-2022-38445
Adobe Dimension 3.4.5 is affected by a Use-After-Free vulnerability in SKP file parsing that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious SKP file) and is described as local with high impact on confidenti...
CVE-2023-26344
Adobe Dimension 3.4.7 and earlier are affected by an uninitialized pointer access vulnerability that can disclose memory and bypass ASLR. Exploitation requires a user to open a malicious file. Multiple connected sources (NVD/NCSC/CVE listings) corroborate the issue as a memory disclosure/pointer-...
CVE-2023-26348
Adobe Dimension has an out-of-bounds read vulnerability in USD file parsing affecting version 3.4.7 and earlier, potentially allowing memory disclosure and ASLR bypass. Exploitation requires user interaction (victim opens a malicious file). A fixed version is 3.4.8; apply the vendor update (APSB2...
CVE-2022-38448
Adobe Dimension 3.4.5 is affected by a Use After Free vulnerability in SKP file parsing that could lead to arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Mitigation: update to 3.4.6 or later (per APSB22-57) or apply vendor-rel...
CVE-2022-38441
CVE-2022-38441 affects Adobe Dimension 3.4.5 and earlier, with an out-of-bounds read when parsing a crafted file that could allow code execution in the user’s context. Exploitation requires user interaction (victim opens a malicious file). Connected sources confirm this as a local/assembly-level ...
CVE-2022-38447
Adobe Dimension 3.4.5 is affected by a use-after-free vulnerability in SKP file parsing that could allow arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malicious file, and the issue is scored high in CVSS (local attacker, user interaction r...
CVE-2023-26336
Adobe Dimension 3.4.7 and earlier contains a Use-After-Free vulnerability in USD file parsing that could allow arbitrary code execution when a user opens a crafted file. The issue requires user interaction and is listed under APSB23-20; remediation is to update to Dimension 3.4.8 (per ENISA/NCSc ...
CVE-2023-26349
Adobe Dimension CVE-2023-26349 is a Use-After-Free vulnerability affecting Dimension 3.4.7 and earlier that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). The issue is addressed in the 3.4.8 update (per ENISA/NCSC advisories and...
CVE-2023-26351
CVE-2023-26351 refers to Adobe Dimension USD file parsing: an out-of-bounds read in Dimension 3.4.7 and earlier could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). A fixed version is 3.4.8 (per APSB23-20; advisory notes a security update ...
CVE-2022-38440
CVE-2022-38440 affects Adobe Dimension 3.4.5, with an out-of-bounds read during parsing of a crafted file that could allow code execution in the caller’s context. Exploitation requires user interaction (victim must open a malicious file). The issue is addressed in a subsequent update (3.4.6+; APS...
CVE-2023-26337
CVE-2023-26337 is a stack-based buffer overflow in Adobe Dimension ≤ 3.4.7 that allows arbitrary code execution in the context of the current user. Exploitation requires a user to open a crafted file (social/interaction). Public sources confirm the flaw affects Dimension 3.4.7 and earlier. Adobe ...
CVE-2023-26341
Adobe Dimension 3.4.7 and earlier is affected by an out-of-bounds read that can disclose memory contents and bypass mitigations like ASLR. Exploitation requires user interaction (victim opens a crafted file). Affected product: Adobe Dimension (Windows/macOS) with 3.4.7 and earlier. Root cause: ou...
CVE-2023-26353
Adobe Dimension before 3.4.8 is affected by an out-of-bounds read vulnerability in USD file parsing that could disclose sensitive memory and bypass mitigations such as ASLR. Exploitation requires a victim to open a malicious file (user interaction). No in-the-wild exploitation is documented in th...
CVE-2023-26338
The CVE-2023-26338 entry applies to Adobe Dimension versions up to 3.4.7, with an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires user interaction (open a malicious file). Public references describe the issue across multiple sources (NVD/NCSC/Adobe APSB23-20) an...
CVE-2025-43572
Adobe Dimension ( Dimension 4.1.2 and earlier ) is affected by an out-of-bounds write vulnerability that could enable arbitrary code execution in the current user context. Exploitation requires the victim to open a malicious file. Root cause: memory boundary management failure. Impact is high per...
CVE-2023-26350
Adobe Dimension 3.4.7 and earlier are affected by an out-of-bounds read that can disclose sensitive memory and, per the sources, may bypass ASLR. Exploitation requires user interaction (victim opens a crafted file). A fix is available: Adobe APSB23-20, updating Dimension to 3.4.8 (NCSC confirms 3...
CVE-2022-38444
CVE-2022-38444 affects Adobe Dimension 3.4.5 and is a Use-After-Free vulnerability in the SKP file parsing path that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a crafted file). The issue is addressed in the Dim...
CVE-2023-26342
Adobe Dimension up to version 3.4.7 is affected by a GLB file-parsing out-of-bounds read vulnerability (CVE-2023-26342) that can disclose memory and bypass ASLR. Exploitation requires user interaction (open a malicious file). Updates to 3.4.8 are available and fixed per APSB23-20 and NCSC advisor...
CVE-2023-26354
Adobe Dimension 3.4.7 and earlier is affected by CVE-2023-26354, an out-of-bounds read in USD file parsing that can disclose sensitive memory and potentially bypass ASLR. Exploitation requires user interaction (opening a malicious file). Publicly documented impact is memory disclosure with a loca...
CVE-2023-26334
CVE-2023-26334 affects Adobe Dimension 3.4.7 and earlier, with an uninitialized pointer access vulnerability that can lead to arbitrary code execution in the current user’s context. Exploitation requires the victim to open a malicious file (user interaction). The issue is documented in NVD and li...
CVE-2023-26339
Adobe Dimension has a confirmed out-of-bounds read vulnerability affecting version 3.4.7 and earlier (CVE-2023-26339). The issue occurs during OBJ/file parsing and can lead to disclosure of sensitive memory; exploitation requires user interaction (victim opens a malicious file). A fix is availabl...
CVE-2024-45146
Adobe Dimension (versions 4.0.3 and earlier) is affected by a Use-After-Free vulnerability (CVE-2024-45146) that can lead to arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. A patch is available via APSB24-74; update to Dimensio...
CVE-2023-25903
Summary: CVE-2023-25903 affects Adobe Dimension up to version 3.4.7. The issue is an Integer Overflow/Wraparound in USDZ handling that can lead to arbitrary code execution in the context of the current user when a malicious file is opened. Exploitation requires user interaction. Impact: arbitrary...
CVE-2023-26340
CVE-2023-26340 affects Adobe Dimension up to version 3.4.7. A vulnerability in parsing OBJ-related input leads to an out-of-bounds read, causing potential disclosure of memory and enabling bypass of mitigations like ASLR. Exploitation requires user interaction (victim must open a malicious file)....
CVE-2023-26343
Adobe Dimension 3.4.7 and earlier are affected by an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). A fixed release is 3.4.8; advisories (APSB23-20) describe updates to address these vulnerabilities. Connected source...
CVE-2024-45150
Summary (CVE-2024-45150): Adobe Dimension prior to and including 4.0.3 contains an out-of-bounds write vulnerability that can lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to interact with a malicious file opened by the user. Affected versio...
CVE-2023-26352
Adobe Dimension 3.4.7 and earlier are affected by an out-of-bounds read in USD file parsing that can disclose memory contents. Exploitation requires user interaction (victim opens a malicious file) and is described as enabling information disclosure with high confidentiality impact; attack vector...
CVE-2025-43548
Adobe Dimension
CVE-2023-47061
Summary of CVE-2023-47061 : Affected product is Adobe Dimension (versions 3.4.10 and earlier). The vulnerability is an out-of-bounds read in the GLB/file parsing code that can disclose sensitive memory and may bypass ASLR. Exploitation requires user interaction (victim must open a malicious file)...
CVE-2023-47062
Adobe Dimension prior to 3.4.11 is affected by an out-of-bounds read (memory disclosure) in GLTF/file parsing, enabling an attacker to bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Remediation: update to 3.4.11 (APSB23-71); advisories confirm vulnerability d...
CVE-2023-47078
Adobe Dimension
CVE-2023-47079
Adobe Dimension
CVE-2025-30312
CVE-2025-30312 affects Dimension versions 4.1.2 and earlier. The issue is an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user, with exploitation requiring the victim to open a malicious file. Multiple connected sources confirm the affected...
CVE-2025-54238
Adobe Dimension is affected on versions 4.1.3 and earlier by an out-of-bounds read (CWE-125) that could disclose sensitive memory. The vulnerability requires user interaction (victim opens a malicious file). The issue is addressed by the APSB25-84 security update, which states to upgrade to versi...
CVE-2025-47135
Adobe Dimension 4.1.2 per APSB25-63 (Adobe advisory).
CVE-2025-61798
CVE-2025-61798 affects Adobe Dimension versions 4.1.4 and earlier. It is an out-of-bounds read vulnerability in the parser for a crafted file, potentially allowing code execution in the context of the current user. Exploitation requires user interaction (the victim opens a malicious file). Connec...
CVE-2025-61800
Adobe Dimension is affected by CVE-2025-61800: Dimension versions 4.1.4 and earlier suffer from an Integer Overflow or Wraparound vulnerability that could enable arbitrary code execution in the current user context. Exploitation requires user interaction, specifically the victim opening a malicio...
CVE-2025-61801
Summary (CVE-2025-61801) Adobe Dimension versions 4.1.4 and earlier are affected by a Use After Free vulnerability in Dimension components, leading to arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. Affected produc...
CVE-2025-61799
CVE-2025-61799 affects Adobe Dimension