-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Weston Steimel <[email protected]>
- Loading branch information
1 parent
1454f87
commit 3dc000d
Showing
36 changed files
with
1,446 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-20787", | ||
| "description": "Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "Substance3D - Painter", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "10.1.0", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45136", | ||
| "description": "InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file which can then be executed on the server. Exploitation of this issue requires user interaction.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/incopy/apsb24-79.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:incopy:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "InCopy", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "19.5", | ||
| "status": "affected", | ||
| "version": "19", | ||
| "versionType": "semver" | ||
| }, | ||
| { | ||
| "lessThan": "18.5.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45137", | ||
| "description": "InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which, when executed, could run arbitrary code in the context of the server. Exploitation of this issue requires user interaction.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/incopy/apsb24-79.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "InDesign Desktop", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "19.5", | ||
| "status": "affected", | ||
| "version": "19", | ||
| "versionType": "semver" | ||
| }, | ||
| { | ||
| "lessThan": "18.5.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45138", | ||
| "description": "Substance3D - Stager versions 3.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "Substance3D - Stager", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "3.0.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45139", | ||
| "description": "Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "Substance3D - Stager", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "3.0.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45140", | ||
| "description": "Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "Substance3D - Stager", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "3.0.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45141", | ||
| "description": "Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "Substance3D - Stager", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "3.0.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45142", | ||
| "description": "Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability allows an attacker to write a controlled value to an arbitrary memory location, potentially leading to code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "Substance3D - Stager", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "3.0.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45143", | ||
| "description": "Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "Substance3D - Stager", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "3.0.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| { | ||
| "additionalMetadata": { | ||
| "cna": "adobe", | ||
| "cveId": "CVE-2024-45144", | ||
| "description": "Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", | ||
| "reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
| "references": [ | ||
| "https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html" | ||
| ] | ||
| }, | ||
| "adp": { | ||
| "affected": [ | ||
| { | ||
| "cpes": [ | ||
| "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*" | ||
| ], | ||
| "product": "Substance3D - Stager", | ||
| "vendor": "Adobe", | ||
| "versions": [ | ||
| { | ||
| "lessThan": "3.0.4", | ||
| "status": "affected", | ||
| "version": "0", | ||
| "versionType": "semver" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "00000000-0000-4000-8000-000000000000", | ||
| "shortName": "anchoreadp" | ||
| } | ||
| } | ||
| } |
Oops, something went wrong.