Adobe Substance 3d Designer
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Adobe Substance 3d Designer.
By the Year
In 2025 there have been 12 vulnerabilities in Adobe Substance 3d Designer with an average score of 7.4 out of ten. Last year, in 2024 Substance 3d Designer had 3 security vulnerabilities published. That is, 9 more vulnerabilities have already been reported in 2025 as compared to last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.38.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 12 | 7.42 |
| 2024 | 3 | 7.03 |
| 2023 | 5 | 6.42 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Substance 3d Designer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe Substance 3d Designer Security Vulnerabilities
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability
CVE-2025-21164
7.8 - High
- July 08, 2025
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability
CVE-2025-21165
7.8 - High
- July 08, 2025
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability
CVE-2025-21166
7.8 - High
- July 08, 2025
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability
CVE-2025-21167
5.5 - Medium
- July 08, 2025
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability
CVE-2025-21168
5.5 - Medium
- July 08, 2025
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Substance3D - Designer versions 14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability
CVE-2025-21169
7.8 - High
- March 11, 2025
Substance3D - Designer versions 14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability
CVE-2025-27172
7.8 - High
- March 11, 2025
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.0.2 and earlier are affected by an out-of-bounds write vulnerability
CVE-2025-21161
7.8 - High
- February 11, 2025
Substance3D - Designer versions 14.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability
CVE-2025-21137
7.8 - High
- January 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability
CVE-2025-21136
7.8 - High
- January 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability
CVE-2025-21138
7.8 - High
- January 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability
CVE-2025-21139
7.8 - High
- January 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability
CVE-2024-41864
7.8 - High
- August 14, 2024
Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Substance3D - Designer versions 13.1.1 and earlier Answer: are affected by an out-of-bounds read vulnerability
CVE-2024-30281
5.5 - Medium
- May 16, 2024
Substance3D - Designer versions 13.1.1 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Substance3D - Designer versions 13.1.0 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file
CVE-2024-20750
7.8 - High
- February 15, 2024
Substance3D - Designer versions 13.1.0 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability
CVE-2023-48636
5.5 - Medium
- December 13, 2023
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability
CVE-2023-48637
5.5 - Medium
- December 13, 2023
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability
CVE-2023-48638
5.5 - Medium
- December 13, 2023
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds write vulnerability
CVE-2023-48639
7.8 - High
- December 13, 2023
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Substance 3D Designer version 12.4.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability
CVE-2023-21618
7.8 - High
- June 15, 2023
Adobe Substance 3D Designer version 12.4.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Access of Uninitialized Pointer
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe Substance 3d Designer or by Adobe? Click the Watch button to subscribe.
