Lucene search
K
AdobeSubstance 3d Designer

43 matches found

CVE
CVE
added 2023/06/15 12:0 a.m.98 views

CVE-2023-21618

Adobe Substance 3D Designer (Windows/macOS) versions 12.4.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability in SBS file parsing, leading to arbitrary code execution in the current user context. Exploitation requires user interaction (opening a malicious SBS file); no ...

7.8CVSS7.8AI score0.00313EPSS
CVE
CVE
added 2024/05/16 8:56 a.m.73 views

CVE-2024-30281

CVE-2024-30281 affects Substance3D Designer

5.5CVSS5.9AI score0.00262EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.72 views

CVE-2023-26409

Adobe Substance 3D Designer 12.4.0 and earlier is affected by an out-of-bounds read while parsing a crafted file, potentially allowing code execution in the user’s context. Exploitation requires user interaction (victim must open a malicious file). Multiple connected sources corroborate the vulne...

7.8CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.68 views

CVE-2023-26410

CVE-2023-26410 affects Adobe Substance 3D Designer (version 12.4.0 and earlier). The issue is a Use-After-Free in USD file parsing that could lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim must open a malicious file). Public sources ...

7.8CVSS7.8AI score0.00379EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.68 views

CVE-2023-26415

Affected product: Adobe Substance 3D DesignerVulnerability: Out-of-bounds write in DAE file parsing could enable arbitrary code execution in the context of the current user.Attack surface / impact: Requires user interaction; victim must open a malicious file to trigger the issue (high impact, loc...

7.8CVSS7.8AI score0.00302EPSS
CVE
CVE
added 2025/01/14 7:16 p.m.68 views

CVE-2025-21137

Affected product : Substance3D Designer. Vulnerable versions : 14.0 and earlier. Issue type / root cause : Heap-based buffer overflow in Substance3D Designer can lead to arbitrary code execution in the context of the current user. Attack vector / prerequisites : Exploitation requires user interac...

7.8CVSS7.8AI score0.00257EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.65 views

CVE-2023-26414

Adobe Substance 3D Designer (Windows/macOS) versions 12.4.0 and earlier are affected by a Use-After-Free vulnerability in USD file parsing that could lead to arbitrary code execution in the current user context. Exploitation requires user interaction (open a malicious file). The issue has been ad...

7.8CVSS7.8AI score0.00379EPSS
CVE
CVE
added 2025/01/14 7:16 p.m.65 views

CVE-2025-21136

Adobe Substance 3D Designer (versions 14.0 and earlier) is affected by an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). The advisory APSB25-06 indicates remediation by ...

7.8CVSS7.9AI score0.00211EPSS
CVE
CVE
added 2025/02/11 5:31 p.m.65 views

CVE-2025-21161

CVE-2025-21161 affects Adobe Substance 3D Designer prior to version 14.0.2 via an out-of-bounds write, allowing arbitrary code execution in the current user context and requiring user interaction (open a malicious file). The issue is detailed across multiple sources (NVD/NVD-derived records and R...

7.8CVSS7.9AI score0.00336EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.63 views

CVE-2023-26412

CVE-2023-26412 affects Adobe Substance 3D Designer up to version 12.4.0. The root cause is a stack‑based buffer overflow in USDA file parsing, where input length was not properly validated, allowing arbitrary code execution in the context of the current user. Exploitation requires user interactio...

7.8CVSS7.8AI score0.00413EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.63 views

CVE-2023-26413

Adobe Substance 3D Designer is affected by a heap-based buffer overflow in USD file parsing for versions 12.4.0 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction (e.g., opening a malicious file). The issue is documented acros...

7.8CVSS7.8AI score0.00412EPSS
CVE
CVE
added 2024/02/15 12:30 p.m.63 views

CVE-2024-20750

CVE-2024-20750 affects Adobe Substance 3D Designer, specifically versions 13.1.0 and earlier. The vulnerability is an out-of-bounds read during parsing of a crafted file, which could cause a read past the end of an allocated memory structure and allow code execution in the context of the current ...

7.8CVSS7.5AI score0.00339EPSS
CVE
CVE
added 2025/03/11 4:26 p.m.62 views

CVE-2025-21169

Adobe Substance 3D Designer versions 14.1 and earlier are affected by a heap-based buffer overflow vulnerability that could allow arbitrary code execution under the current user context. Exploitation requires user interaction (the victim must open a malicious file). This CVE is CVE-2025-21169; a ...

7.8CVSS7.8AI score0.00286EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.61 views

CVE-2023-26416

Adobe Substance 3D Designer

7.8CVSS7.8AI score0.00412EPSS
CVE
CVE
added 2025/03/11 4:26 p.m.61 views

CVE-2025-27172

Substance 3D Designer (Adobe)

7.8CVSS7.9AI score0.0022EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.60 views

CVE-2023-26398

Adobe Substance 3D Designer vulnerability CVE-2023-26398 arises from an out-of-bounds read when parsing a crafted USDC/related file, allowing code execution in the context of the current user. The issue affects Substance 3D Designer version 12.4.0 and earlier and requires user interaction (victim...

7.8CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2024/08/14 8:24 a.m.60 views

CVE-2024-41864

CVE-2024-41864 affects Substance3D Designer

7.8CVSS7.9AI score0.00281EPSS
CVE
CVE
added 2025/01/14 7:16 p.m.60 views

CVE-2025-21139

CVE-2025-21139 affects Adobe Substance 3D Designer versions 14.0 and earlier. A Heap-based Buffer Overflow could allow arbitrary code execution in the context of the current user when a victim opens a specially crafted file, with user interaction required. The vulnerability is documented across m...

7.8CVSS7.8AI score0.00257EPSS
CVE
CVE
added 2025/01/14 7:16 p.m.59 views

CVE-2025-21138

CVE-2025-21138 affects Substance3D Designer 14.0 and earlier. The issue is an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). A patch is available: update to a v...

7.8CVSS7.9AI score0.00211EPSS
CVE
CVE
added 2023/04/13 12:0 a.m.58 views

CVE-2023-26411

Adobe Substance 3D Designer 12.4.0 and earlier are affected by an out-of-bounds read when parsing a crafted file, allowing code execution in the attacker’s context if a user opens the malicious file. The issue originates from parsing the input (file) and may be triggered by crafted content, with ...

7.8CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2023/12/13 1:46 p.m.51 views

CVE-2023-48639

CVE-2023-48639 – Adobe Substance 3D Designer is affected by an out-of-bounds write vulnerability in versions 13.0.0 and earlier and 13.1.0 and earlier. The flaw could allow arbitrary code execution in the context of the current user, with exploitation requiring user interaction (the user must ope...

7.8CVSS7.8AI score0.00329EPSS
CVE
CVE
added 2023/12/13 1:46 p.m.50 views

CVE-2023-48637

CVE-2023-48637 affects Adobe Substance 3D Designer versions 13.0.0 and earlier and 13.1.0 and earlier. The issue is an out-of-bounds read in the software that can disclose sensitive memory and, per the entry, could bypass mitigations such as ASLR; exploitation requires a user to open a malicious ...

5.5CVSS5AI score0.00341EPSS
CVE
CVE
added 2023/12/13 1:46 p.m.49 views

CVE-2023-48636

Summary: Adobe Substance 3D Designer is affected by an out-of-bounds read in versions 13.0.0 and earlier and 13.1.0 and earlier, potentially leading to disclosure of sensitive memory and bypassing mitigations such as ASLR. Exploitation requires a user to open a malicious file. Connected sources c...

5.5CVSS5AI score0.00319EPSS
CVE
CVE
added 2023/12/13 1:46 p.m.48 views

CVE-2023-48638

Adobe Substance 3D Designer is affected by an out-of-bounds read vulnerability in 13.0.0 and earlier and 13.1.0 and earlier, which could disclose sensitive memory and bypass ASLR. exploitation requires user interaction (victim opens a malicious file). Affected component: Substance 3D Designer (de...

5.5CVSS5AI score0.0032EPSS
CVE
CVE
added 2025/07/08 4:39 p.m.28 views

CVE-2025-21166

CVE-2025-21166 affects Substance3D Designer, version 14.1 and earlier. The issue is an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. Documented impact is hi...

7.8CVSS7AI score0.00195EPSS
CVE
CVE
added 2025/07/08 4:39 p.m.26 views

CVE-2025-21168

CVE-2025-21168 affects Substance3D Designer (versions 14.1 and earlier). The root cause is an out-of-bounds read in the product, which could disclose sensitive memory and potentially bypass ASLR. Exploitation requires user interaction: a victim must open a malicious file. Affected software is Sub...

5.5CVSS5.8AI score0.00206EPSS
CVE
CVE
added 2025/07/08 4:39 p.m.25 views

CVE-2025-21167

CVE-2025-21167 affects Substance3D Designer ≤ 14.1. It is an out-of-bounds read vulnerability that can disclose memory contents and potentially bypass ASLR. Exploitation requires user interaction: a victim must open a malicious file. Affected component/impact: memory disclosure with high confiden...

5.5CVSS5.8AI score0.00206EPSS
CVE
CVE
added 2025/07/08 4:39 p.m.24 views

CVE-2025-21164

CVE-2025-21164 affects Substance3D Designer, versions 14.1 and earlier. The issue is an out-of-bounds write (CWE-787) that could enable arbitrary code execution in the context of the current user, and exploitation requires the victim to open a malicious file. Remediation from the connected PT sec...

7.8CVSS7AI score0.00195EPSS
CVE
CVE
added 2026/05/12 6:13 p.m.23 views

CVE-2026-34664

CVE-2026-34664 affects Substance3D Designer up to v15.1.0. The issue is an Improper Limitation of a Pathname to a Restricted Directory (path traversal) that could permit arbitrary file system reads outside the intended scope. Exploitation requires user interaction: a victim must open a malicious ...

6.3CVSS5.9AI score0.00177EPSS
CVE
CVE
added 2025/07/08 4:39 p.m.21 views

CVE-2025-21165

Substance3D Designer (v14.1 and earlier) is affected by an out-of-bounds write vulnerability (CWE-787) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The issue is fixed by updating to a ver...

7.8CVSS7AI score0.00195EPSS
CVE
CVE
added 2026/02/10 6:8 p.m.21 views

CVE-2026-21334

Substance3D Designer, versions 15.1.0 and earlier, are affected by an out-of-bounds write vulnerability that can lead to arbitrary code execution in the caller's context. The issue requires user interaction: a victim must open a malicious file for exploitation. The CVSS vector provided indicates ...

7.8CVSS6.3AI score0.00184EPSS
CVE
CVE
added 2026/01/13 8:7 p.m.20 views

CVE-2026-21308

CVE-2026-21308 affects Substance3D Designer versions 15.0.3 and earlier (per Red Hat and NVD entries) with an Out-of-bounds Read that could expose memory. The issue allows memory disclosure and requires user interaction: a victim must open a malicious file. Multiple connected advisories reference...

5.5CVSS5.6AI score0.00153EPSS
CVE
CVE
added 2026/02/10 6:8 p.m.20 views

CVE-2026-21339

CVE-2026-21339 affects Substance3D Designer up to v15.1.0. The issue is an out-of-bounds read that can disclose memory contents. Exploitation requires user interaction: a victim must open a malicious file; attack vector is local with UI required, confidentiality impact HIGH, other impacts none. D...

5.5CVSS5.4AI score0.00153EPSS
CVE
CVE
added 2026/05/12 6:13 p.m.20 views

CVE-2026-34682

CVE-2026-34682 affects Substance3D Designer

7.8CVSS6.3AI score0.00148EPSS
CVE
CVE
added 2026/05/12 6:13 p.m.19 views

CVE-2026-34683

CVE-2026-34683 affects Substance3D Designer up to version 15.1.0. The issue is an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The connected documents provid...

7.8CVSS6.3AI score0.00149EPSS
CVE
CVE
added 2026/01/13 8:7 p.m.18 views

CVE-2026-21307

CVE-2026-21307 affects Substance3D Designer up to version 15.0.3 with an out-of-bounds write vulnerability in a user context. The flaw could allow arbitrary code execution, and exploitation requires the victim to open a malicious file (user interaction). These details are supported by multiple co...

7.8CVSS7.5AI score0.00151EPSS
CVE
CVE
added 2026/02/10 6:8 p.m.17 views

CVE-2026-21336

Substance3D Designer prior to v15.1.0 is affected by a NULL pointer dereference that can cause a denial-of-service when a user opens a malicious file. The CVSSv3.1 base score is 5.5 (Medium) with LOCAL attack vector, LOW attack complexity, no privileges required, but USER INTERACTION is required ...

5.5CVSS5.5AI score0.0014EPSS
CVE
CVE
added 2026/02/10 6:8 p.m.16 views

CVE-2026-21338

Substance3D Designer, versions 15.1.0 and earlier, is affected by a NULL pointer dereference that can cause an application denial-of-service. The issue occurs when a user opens a malicious file, requiring user interaction and resulting in a crash. Exploitation details are not provided beyond the ...

5.5CVSS5.5AI score0.0014EPSS
CVE
CVE
added 2026/02/10 6:8 p.m.16 views

CVE-2026-21340

CVE-2026-21340 affects Substance3D Designer 15.1.0 and earlier. It is an out-of-bounds read that could lead to memory exposure and disclosure of sensitive information. Exploitation requires user interaction and local access: a victim must open a malicious file. Vulnerable component: Substance3D D...

5.5CVSS5.4AI score0.00153EPSS
CVE
CVE
added 2026/05/12 6:13 p.m.16 views

CVE-2026-34681

CVE-2026-34681 affects Substance3D Designer up to version 15.1.0. The issue is an out-of-bounds write (CWE-787) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction; a victim must open a malicious file. No remediation details are p...

7.8CVSS6.3AI score0.00148EPSS
CVE
CVE
added 2026/05/12 6:13 p.m.16 views

CVE-2026-34684

Substance3D Designer before or equal to v15.1.0 is affected by an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the current user context. The vulnerability arises from an out-of-bounds write condition and requires user interaction (the victim must open a malicious fil...

7.8CVSS6.3AI score0.00149EPSS
CVE
CVE
added 2026/02/10 6:8 p.m.15 views

CVE-2026-21335

CVE-2026-21335 affects Substance3D Designer up to version 15.1.0. The issue is an out-of-bounds write in the affected software that could lead to arbitrary code execution under the context of the current user. Exploitation, if any, requires the user to open a malicious file, indicating a user int...

7.8CVSS6.3AI score0.00184EPSS
CVE
CVE
added 2026/02/10 6:8 p.m.14 views

CVE-2026-21337

Substance3D Designer (Version 15.1.0 and earlier) contains an Out-of-bounds Read that can expose memory. The vulnerability affects the software component handling file parsing, enabling a crafted file to access sensitive data in memory. Exploitation requires user interaction: a victim must open a...

5.5CVSS5.5AI score0.00153EPSS