Substance 3d Designer
Monthly
Out-of-bounds memory read in Substance 3D Designer 15.1.0 and earlier allows attackers to extract sensitive data from process memory when a victim opens a specially crafted file. The vulnerability requires user interaction but can bypass existing protections to leak confidential information. No patch is currently available for this local attack vector.
Out-of-bounds memory reads in Substance 3D Designer 15.1.0 and earlier allow attackers to extract sensitive data from process memory when a victim opens a specially crafted file. This local vulnerability requires user interaction and affects systems running the vulnerable Designer versions. No patch is currently available for this issue.
Substance 3D Designer 15.1.0 and earlier contains a null pointer dereference vulnerability that allows local attackers to crash the application by tricking users into opening malicious files. This denial-of-service attack requires user interaction but causes service disruption with no mitigation patch currently available.
Memory disclosure in Substance 3D Designer 15.1.0 and earlier stems from an out-of-bounds read flaw that exposes sensitive data from application memory. An attacker can exploit this vulnerability by crafting a malicious file and tricking a user into opening it, requiring no special privileges. Currently, no patch is available for affected users.
Denial-of-service in Adobe Substance 3D Designer version 15.1.0 and earlier stems from a null pointer dereference vulnerability that crashes the application when a user opens a malicious file. The attack requires no special privileges and relies solely on user interaction to trigger the crash. No patch is currently available for this vulnerability.
Arbitrary code execution in Substance 3D Designer 15.1.0 and earlier via an out-of-bounds write vulnerability that triggers when users open a crafted malicious file. This local attack requires user interaction but executes with the privileges of the affected user, and no patch is currently available.
Arbitrary code execution in Substance 3D Designer 15.1.0 and earlier through an out-of-bounds write vulnerability that requires a user to open a malicious file. An attacker can execute code with the privileges of the targeted user by crafting a specially designed file. No patch is currently available for this high-severity vulnerability.
Out-of-bounds memory read in Substance 3D Designer 15.0.3 and earlier allows attackers to disclose sensitive information from application memory by tricking users into opening malicious files. The vulnerability requires local access and user interaction but carries no patch availability. This medium-severity flaw affects designers and creative professionals using vulnerable versions of the software.
Arbitrary code execution in Substance 3D Designer 15.0.3 and earlier results from an out-of-bounds write vulnerability triggered when users open specially crafted files. An attacker can leverage this to execute code with the privileges of the affected user, though exploitation requires social engineering to deliver the malicious file. No patch is currently available.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Out-of-bounds memory read in Substance 3D Designer 15.1.0 and earlier allows attackers to extract sensitive data from process memory when a victim opens a specially crafted file. The vulnerability requires user interaction but can bypass existing protections to leak confidential information. No patch is currently available for this local attack vector.
Out-of-bounds memory reads in Substance 3D Designer 15.1.0 and earlier allow attackers to extract sensitive data from process memory when a victim opens a specially crafted file. This local vulnerability requires user interaction and affects systems running the vulnerable Designer versions. No patch is currently available for this issue.
Substance 3D Designer 15.1.0 and earlier contains a null pointer dereference vulnerability that allows local attackers to crash the application by tricking users into opening malicious files. This denial-of-service attack requires user interaction but causes service disruption with no mitigation patch currently available.
Memory disclosure in Substance 3D Designer 15.1.0 and earlier stems from an out-of-bounds read flaw that exposes sensitive data from application memory. An attacker can exploit this vulnerability by crafting a malicious file and tricking a user into opening it, requiring no special privileges. Currently, no patch is available for affected users.
Denial-of-service in Adobe Substance 3D Designer version 15.1.0 and earlier stems from a null pointer dereference vulnerability that crashes the application when a user opens a malicious file. The attack requires no special privileges and relies solely on user interaction to trigger the crash. No patch is currently available for this vulnerability.
Arbitrary code execution in Substance 3D Designer 15.1.0 and earlier via an out-of-bounds write vulnerability that triggers when users open a crafted malicious file. This local attack requires user interaction but executes with the privileges of the affected user, and no patch is currently available.
Arbitrary code execution in Substance 3D Designer 15.1.0 and earlier through an out-of-bounds write vulnerability that requires a user to open a malicious file. An attacker can execute code with the privileges of the targeted user by crafting a specially designed file. No patch is currently available for this high-severity vulnerability.
Out-of-bounds memory read in Substance 3D Designer 15.0.3 and earlier allows attackers to disclose sensitive information from application memory by tricking users into opening malicious files. The vulnerability requires local access and user interaction but carries no patch availability. This medium-severity flaw affects designers and creative professionals using vulnerable versions of the software.
Arbitrary code execution in Substance 3D Designer 15.0.3 and earlier results from an out-of-bounds write vulnerability triggered when users open specially crafted files. An attacker can leverage this to execute code with the privileges of the affected user, though exploitation requires social engineering to deliver the malicious file. No patch is currently available.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Substance3D - Designer versions 14.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.