cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21161,https://securityvulnerability.io/vulnerability/CVE-2025-21161,Out-of-Bounds Write Vulnerability in Substance3D Designer from Adobe,"Adobe Substance3D Designer versions 14.0.2 and earlier have a vulnerability that allows for out-of-bounds write operations, potentially leading to arbitrary code execution within the context of the current user. Exploiting this vulnerability requires user interaction, as a victim must open a specially crafted malicious file.",Adobe,Substance3d - Designer,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:31:44.620Z,0
CVE-2024-41864,https://securityvulnerability.io/vulnerability/CVE-2024-41864,Out-of-Bounds Write Vulnerability in Substance3D Designer Could Lead to Arbitrary Code Execution,"The vulnerability in Substance3D Designer versions 13.1.2 and earlier allows for an out-of-bounds write condition. This security flaw can potentially enable arbitrary code execution within the context of the current user. Successful exploitation necessitates user interaction, specifically requiring the victim to open a specially crafted malicious file. Users of affected versions are advised to apply necessary patches and remain vigilant against suspicious files to mitigate the associated risks.",Adobe,Substance3d - Designer,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-08-14T08:24:17.127Z,0
CVE-2024-30281,https://securityvulnerability.io/vulnerability/CVE-2024-30281,Out-of-Bounds Read Vulnerability Affects Substance3D Designer,Substance3D - Designer versions 13.1.1 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3d - Designer,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-05-16T08:56:49.490Z,0
CVE-2024-20750,https://securityvulnerability.io/vulnerability/CVE-2024-20750,Out-of-Bounds Read Vulnerability in Substance3D Designer Could Lead to Code Execution,"Substance3D Designer versions 13.1.0 and earlier are prone to an out-of-bounds read vulnerability. This issue arises when the application processes a specially crafted file, potentially allowing data to be read beyond the allocated memory structure. Exploitation requires the target user to open the compromised file, enabling an attacker to execute arbitrary code within the user's context. Users are advised to exercise caution and only open files from trusted sources.",Adobe,Substance3d - Designer,7.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-02-15T12:30:32.958Z,0
CVE-2023-48639,https://securityvulnerability.io/vulnerability/CVE-2023-48639,Adobe Substance 3D Designer 13.0.2 build 6942 Vulnerability I,"Adobe Substance 3D Designer versions up to and including 13.1.0 are susceptible to an out-of-bounds write vulnerability. This flaw allows for the execution of arbitrary code when a user interacts with a maliciously crafted file. Successful exploitation requires that the user manually opens the infected file, potentially compromising their system and sensitive information.",Adobe,Substance3d - Designer,7.8,HIGH,0.0015899999998509884,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-48636,https://securityvulnerability.io/vulnerability/CVE-2023-48636,Adobe Substance 3D Designer 13.0.2 build 6942 Vulnerability IV,Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Designer,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-48638,https://securityvulnerability.io/vulnerability/CVE-2023-48638,Adobe Substance 3D Designer 13.0.2 build 6942 Vulnerability III,Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Designer,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-48637,https://securityvulnerability.io/vulnerability/CVE-2023-48637,Adobe Substance 3D Designer 13.0.2 build 6942 Vulnerability II,Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Designer,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-21618,https://securityvulnerability.io/vulnerability/CVE-2023-21618,ZDI-CAN-20963: Adobe Substance 3D Designer SBS File Parsing Uninitialized Variable Remote Code Execution Vulnerability,"Adobe Substance 3D Designer versions up to 12.4.1 are susceptible to a vulnerability that allows for arbitrary code execution through an access of uninitialized pointer. This issue arises when a user interacts with a malicious file, leading to possible exploitation in the context of the user’s privileges. Users are advised to avoid opening untrusted files until a patch is applied.",Adobe,Substance3D - Designer,7.8,HIGH,0.001339999958872795,false,,false,false,false,,,false,false,,2023-06-15T00:00:00.000Z,0
CVE-2023-26415,https://securityvulnerability.io/vulnerability/CVE-2023-26415,ZDI-CAN-20317: Adobe Substance 3D Designer DAE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe Substance 3D Designer versions 12.4.0 and earlier contain an out-of-bounds write vulnerability that enables arbitrary code execution within the context of the current user. The exploitation pathway necessitates user interaction, as the targeted individual must open a specially crafted file designed to trigger the flaw. This could lead to severe security implications, highlighting the need for users to be vigilant when dealing with untrusted files.",Adobe,Substance3D - Designer,7.8,HIGH,0.0008500000112690032,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0
CVE-2023-26398,https://securityvulnerability.io/vulnerability/CVE-2023-26398,ZDI-CAN-20310: Adobe Substance 3D Designer USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Substance 3D Designer, up to version 12.4.0, contains an out-of-bounds read vulnerability. This occurs when the application processes a specially crafted file, potentially permitting an attacker to read data beyond the allocated memory buffer. The exploitation of this vulnerability necessitates that a user interacts with a malicious file, thereby increasing the risk of arbitrary code execution in the context of the user. It is crucial for users to be vigilant and avoid opening suspicious files that may exploit this security issue.",Adobe,Substance3D - Designer,7.8,HIGH,0.00107999995816499,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0
CVE-2023-26416,https://securityvulnerability.io/vulnerability/CVE-2023-26416,ZDI-CAN-20318: Adobe Substance 3D Designer DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,"Adobe Substance 3D Designer versions up to 12.4.0 are vulnerable to a heap-based buffer overflow which may lead to arbitrary code execution. This vulnerability can be exploited when a user opens a specially crafted malicious file, potentially allowing an attacker to execute arbitrary commands in the context of the targeted user. Users are advised to exercise caution when dealing with untrusted files to mitigate the risk associated with this vulnerability.",Adobe,Substance3D - Designer,7.8,HIGH,0.012649999931454659,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0
CVE-2023-26409,https://securityvulnerability.io/vulnerability/CVE-2023-26409,ZDI-CAN-20313: Adobe Substance 3D Designer USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Substance 3D Designer versions 12.4.0 and earlier are susceptible to an out-of-bounds read vulnerability. This security flaw occurs when the software processes a specially crafted file, potentially leading to a read beyond the limits of an allocated memory structure. Attackers can exploit this vulnerability to execute arbitrary code within the context of the user running the application. Notably, successful exploitation necessitates that the user open a malicious file, emphasizing the role of user interaction in this security threat.",Adobe,Substance3D - Designer,7.8,HIGH,0.00107999995816499,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0
CVE-2023-26410,https://securityvulnerability.io/vulnerability/CVE-2023-26410,ZDI-CAN-20309: Adobe Substance 3D Designer USD File Parsing Use-After-Free Remote Code Execution Vulnerability,"Adobe Substance 3D Designer version 12.4.0 and earlier is susceptible to a Use After Free vulnerability that could allow attackers to execute arbitrary code in the context of the current user. Successful exploitation requires user interaction, as the victim must open a specially crafted malicious file. This vulnerability highlights the importance of being cautious with file handling and maintaining awareness of potential software weaknesses.",Adobe,Substance3D - Designer,7.8,HIGH,0.09325999766588211,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0
CVE-2023-26411,https://securityvulnerability.io/vulnerability/CVE-2023-26411,ZDI-CAN-20312: Adobe Substance 3D Designer USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Substance 3D Designer versions 12.4.0 and earlier exhibit a vulnerability that allows for an out-of-bounds read when processing a specifically crafted file. This flaw could lead to unintended code execution within the user's context. To exploit this issue, an attacker must persuade a victim to open a malicious file, thereby increasing the risk to user data and application integrity. Users are advised to remain cautious and update to secure versions.",Adobe,Substance3D - Designer,7.8,HIGH,0.00107999995816499,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0
CVE-2023-26412,https://securityvulnerability.io/vulnerability/CVE-2023-26412,ZDI-CAN-20314: Adobe Substance 3D Designer USDA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability,Adobe Substance 3D Designer versions up to and including 12.4.0 are vulnerable to a stack-based buffer overflow. This flaw can allow an attacker to execute arbitrary code within the context of the user after manipulating the user into opening a specially crafted file. Users should exercise caution and ensure they only open files from trusted sources to mitigate potential risks.,Adobe,Substance3D - Designer,7.8,HIGH,0.03968999907374382,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0
CVE-2023-26413,https://securityvulnerability.io/vulnerability/CVE-2023-26413,ZDI-CAN-20315: Adobe Substance 3D Designer USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,"Adobe Substance 3D Designer, specifically version 12.4.0 and earlier, is exposed to a heap-based buffer overflow vulnerability. This flaw could potentially allow attackers to execute arbitrary code with the permissions of the current user if they can convince the user to open a crafted malicious file. User interaction is essential for the exploit to succeed, making it critical for users to remain vigilant about the files they access.",Adobe,Substance3D - Designer,7.8,HIGH,0.012649999931454659,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0
CVE-2023-26414,https://securityvulnerability.io/vulnerability/CVE-2023-26414,ZDI-CAN-20316: Adobe Substance 3D Designer USD File Parsing Use-After-Free Remote Code Execution Vulnerability,"Adobe Substance 3D Designer, specifically version 12.4.0 and earlier, contains a Use After Free vulnerability that may allow an attacker to execute arbitrary code within the context of the user. This exploitation requires the user to open a malicious file, posing a potential risk to the system's integrity and security. Users should exercise caution when handling files from untrusted sources to mitigate this risk. For further details, visit the official Adobe security advisory.",Adobe,Substance3D - Designer,7.8,HIGH,0.09325999766588211,false,,false,false,false,,,false,false,,2023-04-13T00:00:00.000Z,0