12 matches found
CVE-2025-43583
CVE-2025-43583 affects Substance3D Viewer (versions 0.22 and earlier). The root cause is a NULL pointer dereference in the viewer, which can cause an application denial-of-service crash. Exploitation requires user interaction (victim opens a malicious file). The PT-security/PT-2025-28740 advisory...
CVE-2025-49560
Substance3D Viewer (Adobe)32: A heap-based buffer overflow affects Substance3D Viewer versions 0.25 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Several sources confirm the vulnerability ...
CVE-2025-54244
The CVE-2025-54244 issue affects Substance3D Viewer, specifically versions 0.25.1 and earlier. A heap-based buffer overflow in the viewer could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (the user must open a malicious file). Public s...
CVE-2025-43582
CVE-2025-43582 affects Substance3D Viewer versions 0.22 and earlier. The vulnerability is a heap-based buffer overflow caused by a partial overwrite of heap memory, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a m...
CVE-2025-49569
Substance3D Viewer (Adobe)
CVE-2025-43584
Affected software: Substance3D Viewer. Issue: an out-of-bounds read in Substance3D Viewer versions 0.22 and earlier, leading to disclosure of sensitive memory. Attack requires user interaction: the victim must open a malicious file. Impact is memory disclosure; CVSS metrics in sources indicate Lo...
CVE-2025-54245
Summary : CVE-2025-54245 affects Adobe Substance3D Viewer up to version 0.25.1, with an out-of-bounds write vulnerability that could allow arbitrary code execution in the current user’s context. The issue is triggered by opening a malicious file, requiring user interaction. Affected product/detai...
CVE-2025-54243
CVE-2025-54243 affects Adobe Substance3D Viewer up to version 0.25.1. It is an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the current user’s context. Exploitation requires user interaction: the victim must open a crafted malicious file. Several sources corroborate ...
CVE-2025-54273
Substance3D Viewer
CVE-2025-54274
The CVE-2025-54274 entry concerns Adobe Substance3D Viewer. Affected: Substance3D Viewer ≤ 0.25.2. Issue: a Stack-based Buffer Overflow that could lead to arbitrary code execution in the current user’s context. Trigger: user must open a specially crafted/malicious file (requires user interaction)...
CVE-2025-54280
Substance3D - Viewer ≤ 0.25.2 is affected by an out-of-bounds write (CWE-787) that could lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction: a victim must open a malicious file. The CVE is confirmed across multiple feeds (CVE-2025-54280; Red Hat...
CVE-2025-54275
Summary: CVE-2025-54275 affects Substance3D Viewer 0.25.2 and earlier, with an out-of-bounds write (CWE-787) that can cause a denial-of-service. The issue requires a user to open a malicious file, and exploitation could crash the application or make it unavailable. Affected software: Substance3D ...