VYPR

Painter

by Substance3D

CVEs (2)

  • CVE-2024-49525HigNov 12, 2024
    risk 0.51cvss 7.8epss 0.00

    Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2024-47438MedNov 12, 2024
    risk 0.36cvss 5.5epss 0.00

    Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition vulnerability that could lead to a memory leak. This vulnerability allows an attacker to write a controlled value at a controlled memory location, which could result in the disclosure…