Lucene search
K
AdobeSubstance 3d Painter

78 matches found

CVE
CVE
added 2023/05/11 12:0 a.m.86 views

CVE-2023-29273

Adobe Substance 3D Painter 8.3.0 and earlier is affected by an out-of-bounds read during parsing of USDC/file data, which could allow code execution in the context of the current user. The vulnerability requires user interaction (opening a malicious file or visiting a page) and is associated with...

7.8CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.76 views

CVE-2023-29286

Adobe Substance 3D Painter

5.5CVSS5AI score0.00325EPSS
CVE
CVE
added 2024/05/16 8:25 a.m.75 views

CVE-2024-30308

CVE-2024-30308 affects Substance3D Painter up to version 9.1.2. The issue is an out-of-bounds read in PSD/file parsing that could disclose sensitive memory and enable bypassing ASLR. Exploitation requires user interaction (victim opens a malicious file). Public sources indicate a fix via Adobe AP...

5.5CVSS5.9AI score0.00244EPSS
CVE
CVE
added 2024/05/16 8:25 a.m.74 views

CVE-2024-30307

Substance3D Painter

7.8CVSS7.3AI score0.00286EPSS
CVE
CVE
added 2024/05/16 8:25 a.m.73 views

CVE-2024-30309

CVE-2024-30309 affects Substance3D Painter, specifically versions ≤ 9.1.2. The issue is an out-of-bounds read in the TGA file parsing path that can disclose sensitive memory and could bypass ASLR. Exploitation requires the victim to open a malicious file (user interaction). Remediation is to upda...

5.5CVSS5.9AI score0.00244EPSS
CVE
CVE
added 2024/05/16 8:25 a.m.72 views

CVE-2024-30274

CVE-2024-30274 affects Adobe Substance 3D Painter up to version 9.1.2. It is an out-of-bounds write in ABC file parsing that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected software: S...

7.8CVSS7.3AI score0.00307EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.71 views

CVE-2023-29281

Adobe Substance 3D Painter is affected in versions 8.3.0 and earlier by an out-of-bounds read while parsing crafted USD files, potentially allowing code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file). The issue is confirmed across m...

7.8CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.71 views

CVE-2024-47426

CVE-2024-47426 affects Substance3D Painter

7.8CVSS7.8AI score0.00298EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.67 views

CVE-2023-29278

CVE-2023-29278 affects Adobe Substance 3D Painter up to version 8.3.0. It is an uninitialized pointer access vulnerability that can lead to arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. The issue is documented ac...

7.8CVSS7.7AI score0.00345EPSS
CVE
CVE
added 2024/02/15 10:12 a.m.65 views

CVE-2024-20723

Summary (CVE-2024-20723) : Adobe Substance 3D Painter

7.8CVSS7.8AI score0.00365EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.65 views

CVE-2024-47438

Summary: CVE-2024-47438 affects Substance3D Painter (v10.1.0 and earlier). The issue is a Write-what-where condition leading to a memory leak and potential disclosure of memory content. Exploitation requires user interaction (victim opens a malicious file) and is described with a local attack vec...

5.5CVSS5.2AI score0.00218EPSS
CVE
CVE
added 2024/12/10 9:21 p.m.65 views

CVE-2024-53957

Substance3D Painter 10.1.1 and earlier are affected by a Heap-based Buffer Overflow that could allow arbitrary code execution in the context of the current user, with exploitation requiring user interaction (victim opens a malicious file). The vulnerability is documented as CVE-2024-53957. Affect...

7.8CVSS7.6AI score0.00484EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.64 views

CVE-2023-29284

Adobe Substance 3D Painter

7.8CVSS7.8AI score0.00412EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.64 views

CVE-2024-47433

Substance3D Painter ≤ 10.1.0 is affected by an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user, requiring the victim to open a malicious file. Mitigation: apply Adobe APSB24-86 update to 10.1.1 or later. Affected platforms/versions exact ...

7.8CVSS7.9AI score0.00265EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.63 views

CVE-2023-29280

Adobe Substance 3D Painter (versions 8.3.0 and earlier) is affected by an out-of-bounds read in PLY/file parsing that could yield code execution in the current user context. Exploitation requires user interaction (open a malicious file). A vendor security update APSB23-29 addresses critical/impor...

7.8CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2024/02/15 10:12 a.m.63 views

CVE-2024-20742

CVE-2024-20742 affects Adobe Substance 3D Painter up to version 9.1.1. The issue is an out-of-bounds read during parsing of a crafted file, potentially allowing code execution in the caller’s context. Exploitation requires user interaction, as a victim must open a malicious file. Multiple sources...

7.8CVSS7.5AI score0.00269EPSS
CVE
CVE
added 2025/03/11 5:31 p.m.63 views

CVE-2025-24451

CVE-2025-24451 (Substance3D Painter) affects Substance3D Painter 10.1.2 and earlier. It is an out-of-bounds write vulnerability (CWE-787) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. ...

7.8CVSS7.9AI score0.00236EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.62 views

CVE-2023-29276

Affected product: Adobe Substance 3D Painter (versions 8.3.0 and earlier). Vulnerability: an out-of-bounds write in USD file parsing that can lead to arbitrary code execution in the current user’s context. Root cause: failure to validate user-supplied USD data during parsing. Exploit context: rem...

7.8CVSS7.8AI score0.00302EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.62 views

CVE-2024-47440

Substance3D Painter 10.1.0 and earlier are affected by an out-of-bounds read (CWE-125) that could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected product: Adobe Substance 3D Painter; vulnerability is addressed by the vendor in the ...

5.5CVSS5.1AI score0.0022EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.61 views

CVE-2023-29282

Adobe Substance 3D Painter

7.8CVSS7.8AI score0.00302EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.61 views

CVE-2023-29285

Adobe Substance 3D Painter is affected by an out-of-bounds write in USD file parsing (versions 8.3.0 and earlier) that could allow arbitrary code execution in the current user’s context. Exploitation requires user interaction (open a malicious file or visit a malicious page) and may be remote in ...

7.8CVSS7.8AI score0.00302EPSS
CVE
CVE
added 2024/02/15 10:12 a.m.61 views

CVE-2024-20722

CVE-2024-20722 affects Substance3D Painter versions 9.1.1 and earlier. The issue is an out-of-bounds read in memory that could lead to disclosure of sensitive memory and potentially bypass mitigations such as ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected p...

5.5CVSS5.3AI score0.00227EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.61 views

CVE-2024-47428

CVE-2024-47428 affects Substance3D Painter

7.8CVSS7.9AI score0.00265EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.61 views

CVE-2024-47436

CVE-2024-47436 describes an out-of-bounds read in Substance3D Painter

5.5CVSS5.1AI score0.0022EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.60 views

CVE-2023-29275

CVE-2023-29275 affects Adobe Substance 3D Painter ≤ 8.3.0, where parsing USD files can trigger an out-of-bounds read and remote code execution in the context of the current user. Exploitation requires user interaction (opening a crafted file). The issue is tied to the USD file parsing path and me...

7.8CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.60 views

CVE-2023-29277

Adobe Substance 3D Painter (v8.3.0 and earlier) contains an out-of-bounds read vulnerability in USD file parsing that can disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected product: Substance 3D Painter. Root cause: out-of-bounds read...

5.5CVSS5AI score0.00325EPSS
CVE
CVE
added 2024/02/15 10:12 a.m.60 views

CVE-2024-20725

CVE-2024-20725 affects Adobe Substance 3D Painter, versions up to 9.1.1. It describes an out-of-bounds read that can disclose memory and potentially bypass mitigations like ASLR. Exploitation requires user interaction: a victim must open a malicious file. The vulnerability is classified with a lo...

5.5CVSS5.3AI score0.00245EPSS
CVE
CVE
added 2024/02/15 10:12 a.m.60 views

CVE-2024-20741

CVE-2024-20741 affects Substance3D Painter

7.8CVSS7.8AI score0.00269EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.60 views

CVE-2024-47429

Adobe Substance 3D Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability (CVE-2024-47429) that could lead to arbitrary code execution in the context of the current user, with exploitation requiring user interaction (victim opens a malicious file). This is corrob...

7.8CVSS7.9AI score0.00265EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.60 views

CVE-2024-47437

Substance3D Painter, versions 10.1.0 and earlier, are affected by an out-of-bounds read vulnerability (CVE-2024-47437) that could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected product/version details are corroborated across multi...

5.5CVSS5.3AI score0.0022EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.60 views

CVE-2024-49520

CVE-2024-49520 concerns Adobe Substance 3D Painter. Affected: Painter versions 10.1.0 and earlier. Issue: out-of-bounds write (CWE-787) potentially leading to arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file...

7.8CVSS7.9AI score0.00265EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.59 views

CVE-2024-47430

Substance3D Painter

7.8CVSS7.9AI score0.00265EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.59 views

CVE-2024-49516

CVE-2024-49516 affects Adobe Substance 3D Painter, versions 10.1.0 and earlier. The issue is an out-of-bounds write (CWE-787) that could lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malicious file (user interaction) and is describ...

7.8CVSS7.9AI score0.00265EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.59 views

CVE-2024-49525

CVE-2024-49525 affects Substance3D Painter up to version 10.1.0, where a heap-based buffer overflow could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Public sources consistently describe the issue a...

7.8CVSS7.8AI score0.00328EPSS
CVE
CVE
added 2024/12/10 9:21 p.m.59 views

CVE-2024-53958

CVE-2024-53958 affects Substance 3D Painter

7.8CVSS7.6AI score0.00403EPSS
CVE
CVE
added 2025/03/11 5:31 p.m.59 views

CVE-2025-24450

CVE-2025-24450 affects Adobe Substance 3D Painter (versions 10.1.2 and earlier). The vulnerability is an out-of-bounds write (CWE-787) that could enable arbitrary code execution in the context of the current user, with exploitation requiring user interaction (victim must open a malicious file). M...

7.8CVSS7.9AI score0.00236EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.57 views

CVE-2024-47439

CVE-2024-47439 concerns Substance3D Painter prior to version 10.1.1, where a NULL pointer dereference in the application can crash Painter, yielding a denial‑of‑service condition. The issue requires user interaction (victim opens a crafted file) and affects the core Painter executable’s handling ...

5.5CVSS5.2AI score0.00195EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.57 views

CVE-2024-49519

Substance3D Painter up to version 10.1.0 is affected by an out-of-bounds write vulnerability (CWE-787) that could enable arbitrary code execution in the user’s context. Exploitation requires user interaction (opening a malicious file). Public sources (NVD/CVE, CNVD, NTKB) corroborate the issue an...

7.8CVSS7.9AI score0.00265EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.56 views

CVE-2024-47435

Substance 3D Painter (Windows/macOS) versions ≤ 10.1.0 are affected by an out-of-bounds read (CWE-125) that can disclose sensitive memory and bypass mitigations like ASLR. Exploitation requires user interaction (victim opens a malicious file), with a local attack surface. The vulnerability impact...

5.5CVSS5.1AI score0.0022EPSS
CVE
CVE
added 2024/02/15 10:12 a.m.55 views

CVE-2024-20744

Adobe Substance 3D Painter (Windows/macOS) is affected by an out-of-bounds write in Painter

7.8CVSS7.8AI score0.00239EPSS
CVE
CVE
added 2024/10/09 8:46 a.m.55 views

CVE-2024-20787

CVE-2024-20787 affects Substance 3D Painter (versions ≤ 10.0.1). It is an out-of-bounds read vulnerability in Painter’s code that can disclose memory contents and bypass ASLR. Exploitation requires user interaction (opening a malicious file). Affected guidance indicates remediation via updates to...

5.5CVSS5.3AI score0.00219EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.55 views

CVE-2024-47431

Adobe Substance 3D Painter versions 10.1.0 and earlier are affected by a heap-based buffer overflow (CWE-122) that could enable arbitrary code execution in the current user context. Exploitation requires user interaction (opening a malicious file). A patch is available (APSB24-86) addressing thes...

7.8CVSS7.8AI score0.00328EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.55 views

CVE-2024-49515

Substance3D Painter

7.8CVSS7.7AI score0.00241EPSS
CVE
CVE
added 2024/11/12 8:2 p.m.55 views

CVE-2024-49517

Substance3D Painter, version 10.1.0 and earlier, is affected by a heap-based buffer overflow that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Remediation: update to a version later than 10.1.0 (e.g., apply APSB2...

7.8CVSS7.8AI score0.00328EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.54 views

CVE-2023-29279

CVE-2023-29279 affects Adobe Substance 3D Painter up to version 8.3.0 and earlier, with an out-of-bounds read vulnerability that can disclose memory. The issue arises in parsing USD data and can be triggered when a user opens a malicious file, requiring user interaction. The documented impact inc...

5.5CVSS5AI score0.00325EPSS
CVE
CVE
added 2025/05/13 5:24 p.m.54 views

CVE-2025-30322

Adobe Substance 3D Painter 11.0 and earlier is affected by an out-of-bounds write that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Remediation: update to a version later than 11.0 (per APSB25-38/P...

7.8CVSS7.9AI score0.00179EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.53 views

CVE-2023-29274

Adobe Substance 3D Painter (version 8.3.0 and earlier) is affected by an out-of-bounds read vulnerability in the file parsing path that could allow code execution in the attacker’s context. The issue requires user interaction (victim must open a crafted file). Public documents attribute the flaw ...

7.8CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2024/02/15 10:12 a.m.53 views

CVE-2024-20740

The CVE-2024-20740 entry affects Substance3D - Painter versions 9.1.1 and earlier, due to an out-of-bounds write that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Multiple connected sources cor...

7.8CVSS7.8AI score0.00239EPSS
CVE
CVE
added 2024/02/15 10:12 a.m.52 views

CVE-2024-20724

Substance3D – Painter versions 9.1.1 and earlier are affected by an out-of-bounds read that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). Remediation: update to version 9.1.2 or later (as per APSB24-04) to mitigate. CVE-2024-20...

5.5CVSS5.3AI score0.00245EPSS
CVE
CVE
added 2023/05/11 12:0 a.m.51 views

CVE-2023-29283

CVE-2023-29283 affects Adobe Substance 3D Painter (versions 8.3.0 and earlier). A heap-based Buffer Overflow occurs in USD file parsing, enabling arbitrary code execution in the user’s context. Exploitation requires user interaction (open malicious file or visit a crafted page). Affected product/...

7.8CVSS7.8AI score0.00412EPSS
Total number of security vulnerabilities78