Vulnerabilities > Adobe > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-28 | CVE-2023-26332 | Out-of-bounds Read vulnerability in Adobe Dimension 3.4.3/3.4.6/3.4.7 Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 7.8 |
| 2023-03-28 | CVE-2023-26333 | Out-of-bounds Read vulnerability in Adobe Dimension 3.4.3/3.4.6/3.4.7 Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. | 7.8 |
| 2023-03-28 | CVE-2023-26334 | Access of Uninitialized Pointer vulnerability in Adobe Dimension 3.4.3/3.4.6/3.4.7 Adobe Dimension versions 3.4.7 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2023-03-28 | CVE-2023-26335 | Out-of-bounds Read vulnerability in Adobe Dimension 3.4.3/3.4.6/3.4.7 Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. | 7.8 |
| 2023-03-28 | CVE-2023-26336 | Use After Free vulnerability in Adobe Dimension 3.4.3/3.4.6/3.4.7 Adobe Dimension versions 3.4.7 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2023-03-28 | CVE-2023-26337 | Out-of-bounds Write vulnerability in Adobe Dimension 3.4.3/3.4.6/3.4.7 Adobe Dimension versions 3.4.7 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2023-03-27 | CVE-2023-22247 | XML Injection (aka Blind XPath Injection) vulnerability in Adobe Commerce and Magento Open Source Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an XML Injection vulnerability that could lead to arbitrary file system read. | 7.5 |
| 2023-03-27 | CVE-2023-25863 | Out-of-bounds Read vulnerability in Adobe Substance 3D Stager Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. | 7.8 |
| 2023-03-27 | CVE-2023-25864 | Out-of-bounds Write vulnerability in Adobe Substance 3D Stager Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2023-03-27 | CVE-2023-25865 | Improper Input Validation vulnerability in Adobe Substance 3D Stager Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |