Substance 3d Painter Adobe Substance 3d Painter

  1. Vendors
  2. Adobe
  3. Substance 3d Painter

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Adobe Substance 3d Painter.

By the Year

In 2025 there have been 3 vulnerabilities in Adobe Substance 3d Painter with an average score of 7.8 out of ten. Last year, in 2024 Substance 3d Painter had 39 security vulnerabilities published. Right now, Substance 3d Painter is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.71.

Year Vulnerabilities Average Score
2025 3 7.80
2024 39 7.09
2023 14 7.31
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Substance 3d Painter vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Adobe Substance 3d Painter Security Vulnerabilities

Substance3D - Painter versions 11.0 and earlier are affected by an out-of-bounds write vulnerability

CVE-2025-30322 7.8 - High - May 13, 2025

Substance3D - Painter versions 11.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability

CVE-2025-24450 7.8 - High - March 11, 2025

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability

CVE-2025-24451 7.8 - High - March 11, 2025

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Heap-based Buffer Overflow Vulnerability

CVE-2024-53957 7.8 - High - December 10, 2024

Substance3D - Painter versions 10.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-53958 7.8 - High - December 10, 2024

Substance3D - Painter versions 10.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-49520 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-49518 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-49519 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Heap-based Buffer Overflow Vulnerability

CVE-2024-49517 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-49516 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Read Vulnerability

CVE-2024-47440 5.5 - Medium - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-47434 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-47433 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-47430 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-47429 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-47428 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-47427 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Double Free Arbitrary Code Execution Vulnerability

CVE-2024-47426 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by a Double Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Double-free

Substance3D Painter Untrusted Search Path Vulnerability

CVE-2024-49515 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. The problem extends to any type of critical resource that the application trusts. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Untrusted Path

Substance3D Painter NULL Pointer Dereference Denial-of-Service Vulnerability

CVE-2024-47439 5.5 - Medium - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

NULL Pointer Dereference

Substance3D Painter Write-what-where Condition Memory Leak Vulnerability

CVE-2024-47438 5.5 - Medium - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition vulnerability that could lead to a memory leak. This vulnerability allows an attacker to write a controlled value at a controlled memory location, which could result in the disclosure of sensitive memory content. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Out-of-Bounds Read Vulnerability

CVE-2024-47437 5.5 - Medium - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D Painter Out-of-Bounds Read Vulnerability

CVE-2024-47436 5.5 - Medium - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D Painter Out-of-Bounds Read Vulnerability

CVE-2024-47435 5.5 - Medium - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D Painter Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE-2024-47432 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Heap-based Buffer Overflow Vulnerability

CVE-2024-47431 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter Heap-based Buffer Overflow Vulnerability

CVE-2024-49525 7.8 - High - November 12, 2024

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D Painter 10.0.1 OOB Write RCE

CVE-2024-49522 7.8 - High - November 05, 2024

Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds read vulnerability

CVE-2024-20787 5.5 - Medium - October 09, 2024

Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability

CVE-2024-30309 5.5 - Medium - May 16, 2024

Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability

CVE-2024-30308 5.5 - Medium - May 16, 2024

Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability

CVE-2024-30307 7.8 - High - May 16, 2024

Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability

CVE-2024-30274 7.8 - High - May 16, 2024

Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability

CVE-2024-20725 5.5 - Medium - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability

CVE-2024-20740 7.8 - High - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 9.1.1 and earlier are affected by a Write-what-where Condition vulnerability

CVE-2024-20741 7.8 - High - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by a Write-what-where Condition vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file

CVE-2024-20742 7.8 - High - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability

CVE-2024-20743 7.8 - High - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability

CVE-2024-20744 7.8 - High - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability

CVE-2024-20724 5.5 - Medium - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Substance3D - Painter versions 9.1.1 and earlier are affected by a Buffer Overflow vulnerability

CVE-2024-20723 7.8 - High - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by a Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Classic Buffer Overflow

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability

CVE-2024-20722 5.5 - Medium - February 15, 2024

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability

CVE-2023-29284 7.8 - High - May 11, 2023

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability

CVE-2023-29283 7.8 - High - May 11, 2023

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability

CVE-2023-29282 7.8 - High - May 11, 2023

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file

CVE-2023-29281 7.8 - High - May 11, 2023

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability

CVE-2023-29285 7.8 - High - May 11, 2023

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Memory Corruption

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file

CVE-2023-29280 7.8 - High - May 11, 2023

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability

CVE-2023-29279 5.5 - Medium - May 11, 2023

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Out-of-bounds Read

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability

CVE-2023-29278 7.8 - High - May 11, 2023

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Access of Uninitialized Pointer

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Adobe Substance 3d Painter or by Adobe? Click the Watch button to subscribe.

Adobe
Vendor

Adobe Substance 3d Painter
Product

subscribe