cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21155,https://securityvulnerability.io/vulnerability/CVE-2025-21155,NULL Pointer Dereference in Substance3D Stager by Adobe,"Substance3D Stager versions 3.1.0 and earlier are susceptible to a NULL Pointer Dereference vulnerability, which may result in the application crashing and lead to a Denial of Service condition. This vulnerability can be exploited if a user interacts with a malicious file, thereby compromising the application's stability. Users should refrain from opening untrusted files to mitigate potential risks.",Adobe,Substance3d - Stager,5.5,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:16:05.608Z,0
CVE-2024-39388,https://securityvulnerability.io/vulnerability/CVE-2024-39388,ZDI-CAN-24055: Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability,"A Use After Free vulnerability exists in Adobe's Substance3D Stager versions 3.0.2 and earlier. This security flaw could allow malicious actors to execute arbitrary code within the context of the current user. Successful exploitation demands user interaction, specifically, the victim must open a crafted malicious file that triggers the vulnerability. Users of the affected software are encouraged to assess their exposure and apply relevant security updates to mitigate potential risks.",Adobe,Substance3d - Stager,7.8,HIGH,0.004399999976158142,false,,false,false,false,,,false,false,,2024-08-14T15:15:00.000Z,0
CVE-2024-34115,https://securityvulnerability.io/vulnerability/CVE-2024-34115,Arbitrary Code Execution Vulnerability in Substance3D Stager Could Lead to User Data Theft,"Adobe Substance3D Stager versions 2.1.4 and earlier contain an out-of-bounds write vulnerability that poses a severe risk by allowing arbitrary code execution in the context of the current user. This security flaw necessitates user action, as exploitation occurs when a user opens a specially crafted malicious file. Proper attention to this vulnerability is critical to maintain system security and prevent potential attacks.",Adobe,Substance3d - Stager,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2024-06-13T11:25:39.069Z,0
CVE-2024-20711,https://securityvulnerability.io/vulnerability/CVE-2024-20711,Adobe Substance 3D Stager v2.1.1 Vulnerability VII,Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-01-10T12:26:00.479Z,0
CVE-2024-20712,https://securityvulnerability.io/vulnerability/CVE-2024-20712,Adobe Substance 3D Stager v2.1.1 Vulnerability III,Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-01-10T12:25:59.624Z,0
CVE-2024-20713,https://securityvulnerability.io/vulnerability/CVE-2024-20713,Adobe Substance 3D Stager v2.1.1 Vulnerability IV,Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-01-10T12:25:58.851Z,0
CVE-2024-20714,https://securityvulnerability.io/vulnerability/CVE-2024-20714,Adobe Substance 3D Stager v2.1.1 Vulnerability V,Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-01-10T12:25:58.076Z,0
CVE-2024-20715,https://securityvulnerability.io/vulnerability/CVE-2024-20715,Adobe Substance 3D Stager v2.1.1 Vulnerability VIII,Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-01-10T12:25:57.290Z,0
CVE-2024-20710,https://securityvulnerability.io/vulnerability/CVE-2024-20710,Adobe Substance 3D Stager v2.1.1 Vulnerability I,Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-01-10T12:25:56.512Z,0
CVE-2023-47081,https://securityvulnerability.io/vulnerability/CVE-2023-47081,Adobe Substance 3D Stager v2.1.1 Vulnerability II,Adobe Substance 3D Stager versions 2.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-47080,https://securityvulnerability.io/vulnerability/CVE-2023-47080,Adobe Substance 3D Stager v2.1.1 Vulnerability VI,Adobe Substance 3D Stager versions 2.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-26391,https://securityvulnerability.io/vulnerability/CVE-2023-26391,ZDI-CAN-20256: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Substance 3D Stager versions 2.0.1 and earlier contain an out-of-bounds read vulnerability that arises when parsing specially crafted files. This flaw could potentially allow an attacker to read memory beyond allocated data, which may lead to code execution in the context of the user. Exploitation of this vulnerability necessitates that a user inadvertently open a crafted file, highlighting the importance of user awareness and file integrity.",Adobe,Substance3D - Stager,7.8,HIGH,0.0008399999933317304,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26383,https://securityvulnerability.io/vulnerability/CVE-2023-26383,ZDI-CAN-20287: Adobe Substance 3D Stager USDA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability,"Adobe Substance 3D Stager, specifically version 2.0.1 and all earlier versions, is exposed to a stack-based buffer overflow vulnerability. This weakness could potentially allow attackers to execute arbitrary code within the user’s environment, contingent on the user interacting with a specifically crafted malicious file. It is crucial for users of the affected software to remain vigilant and refrain from opening untrusted files to mitigate this vulnerability.",Adobe,Substance3D - Stager,7.8,HIGH,0.045490000396966934,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26384,https://securityvulnerability.io/vulnerability/CVE-2023-26384,ZDI-CAN-20279: Adobe Substance 3D Stager USD File Parsing Use-After-Free Remote Code Execution Vulnerability,"Adobe Substance 3D Stager versions 2.0.1 and prior contain a Use After Free vulnerability that could permit an attacker to execute arbitrary code within the context of the current user. To exploit this vulnerability, an attacker must entice the victim to open a specially crafted malicious file. Users must exercise caution and ensure that they do not open untrusted files to avoid potential exploitation.",Adobe,Substance3D - Stager,7.8,HIGH,0.07354000210762024,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26385,https://securityvulnerability.io/vulnerability/CVE-2023-26385,ZDI-CAN-20267: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26386,https://securityvulnerability.io/vulnerability/CVE-2023-26386,ZDI-CAN-20266: Adobe Substance 3D Stager USDC File Parsing Uninitialized Variable Information Disclosure Vulnerability,Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26387,https://securityvulnerability.io/vulnerability/CVE-2023-26387,ZDI-CAN-20265: Adobe Substance 3D Stager USDC File Parsing Uninitialized Variable Information Disclosure Vulnerability,Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26388,https://securityvulnerability.io/vulnerability/CVE-2023-26388,ZDI-CAN-20286: Adobe Substance 3D Stager USDZ File Parsing Memory Corruption Remote Code Execution Vulnerability,"Adobe Substance 3D Stager versions 2.0.1 and earlier have a vulnerability related to improper input validation that may lead to arbitrary code execution upon opening a specially crafted file. This type of vulnerability relies on user interaction, as the malicious file must be opened by the user to exploit this flaw. A successful exploit could allow an attacker to execute code within the context of the user, highlighting the importance of ensuring proper validation measures are employed.",Adobe,Substance3D - Stager,7.8,HIGH,0.0019000000320374966,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26389,https://securityvulnerability.io/vulnerability/CVE-2023-26389,ZDI-CAN-20258: Adobe Substance 3D Stager USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Substance 3D Stager versions up to 2.0.1 are exposed to an out-of-bounds read vulnerability. This issue arises when the application processes a specially crafted file, allowing attackers to read data beyond the allocated memory limits. Successful exploitation demands user interaction, as the malicious file must be opened by the victim. This could lead to unintended code execution in the context of the current user, posing potential security risks and data exposure.",Adobe,Substance3D - Stager,7.8,HIGH,0.0016499999910593033,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26390,https://securityvulnerability.io/vulnerability/CVE-2023-26390,ZDI-CAN-20255: Adobe Substance 3D Stager USDA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability,"Adobe Substance 3D Stager versions 2.0.1 and earlier contain a Stack-based Buffer Overflow vulnerability. This issue could enable an attacker to execute arbitrary code on the user's system, provided the victim opens a specially crafted malicious file. The exploitation of this vulnerability necessitates user interaction, making it imperative for users to exercise caution when handling unknown files.",Adobe,Substance3D - Stager,7.8,HIGH,0.045490000396966934,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26392,https://securityvulnerability.io/vulnerability/CVE-2023-26392,ZDI-CAN-20235: Adobe Substance 3D Stager USD File Parsing Use-After-Free Remote Code Execution Vulnerability,"Adobe Substance 3D Stager version 2.0.1 and earlier is affected by a Use After Free vulnerability that can allow arbitrary code execution in the context of the user currently running the application. Exploitation of this vulnerability necessitates user interaction, specifically requiring the victim to open a specially crafted malicious file that triggers the flaw. This serious security issue highlights the importance of maintaining updated software and exercising caution when handling untrusted files.",Adobe,Substance3D - Stager,7.8,HIGH,0.07354000210762024,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26393,https://securityvulnerability.io/vulnerability/CVE-2023-26393,ZDI-CAN-20234: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Substance 3D Stager, specifically version 2.0.1 and earlier, contains an out-of-bounds read vulnerability that occurs during the parsing of specially crafted files. This issue enables attackers to read data beyond the allocated memory structure. Successful exploitation requires the user to open a malicious file, potentially allowing an attacker to execute arbitrary code in the context of the current user's privileges, posing significant risks to system security.",Adobe,Substance3D - Stager,7.8,HIGH,0.0008299999753944576,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26394,https://securityvulnerability.io/vulnerability/CVE-2023-26394,ZDI-CAN-20236: Adobe Substance 3D Stager USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,"A vulnerability in Adobe Substance 3D Stager versions 2.0.1 and earlier allows for a heap-based buffer overflow, potentially leading to arbitrary code execution. Exploitation of this vulnerability requires user interaction; a victim must open a specially crafted file that triggers the overflow in the application. This can compromise the system in the context of the current user, posing significant security risks.",Adobe,Substance3D - Stager,7.8,HIGH,0.01498000044375658,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26402,https://securityvulnerability.io/vulnerability/CVE-2023-26402,ZDI-CAN-20237: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Substance 3D Stager versions prior to 2.0.2 have a vulnerability that allows attackers to perform out-of-bounds reads when a user opens a specially crafted file. This could lead to unauthorized code execution in the context of the current user. Successful exploitation necessitates user interaction, highlighting the importance of caution when dealing with unknown or untrusted files.",Adobe,Substance3D - Stager,7.8,HIGH,0.0016499999910593033,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-26403,https://securityvulnerability.io/vulnerability/CVE-2023-26403,ZDI-CAN-20259: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Substance3D - Stager,5.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0