5.4
CVE-2025-30316 - Adobe Connect | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victimโs browser when they browse to the pagโฆ
6.1
CVE-2025-30314 - Adobe Connect | Cross-site Scripting (Stored XSS) (CWE-79)
Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victimโs browser when they browse to the page containing tโฆ
9.3
CVE-2025-43567 - Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victimโs browser when they browse to the page containinโฆ
7.8
CVE-2025-43554 - Substance3D - Modeler | Out-of-bounds Write (CWE-787)
Substance3D - Modeler versions 1.21.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2025-43553 - Substance3D - Modeler | Uncontrolled Search Path Element (CWE-427)
Substance3D - Modeler versions 1.21.0 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. If the application relies on a search path to locate critical resources such as libraries or executabโฆ
7.8
CVE-2025-43569 - Substance3D - Stager | Out-of-bounds Write (CWE-787)
Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2025-43571 - Substance3D - Stager | Use After Free (CWE-416)
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2025-43570 - Substance3D - Stager | Use After Free (CWE-416)
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5.5
CVE-2025-43551 - Substance3D - Stager | Out-of-bounds Read (CWE-125)
Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a vicโฆ
7.8
CVE-2025-43568 - Substance3D - Stager | Use After Free (CWE-416)
Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.