ZDI-23-619: Adobe Substance 3D Stager SKP File Parsing Memory Corruption Remote Code Execution Vulnerability

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Stager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

mujs-1.0.9-2.el8

FEDORA-EPEL-2025-141926b526 Packages in this update: mujs-1.0.9-2.el8 Update description: Backport upstream fix for CVE-2021-33796. https://nvd.nist.gov/vuln/detail/CVE-2021-33796 Read More

April 14, 2025

USN-7436-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a...

April 14, 2025

USN-7435-1: Protocol Buffers vulnerability

It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Java bindings. An attacker could...

April 14, 2025

golang-1.23.8-1.fc40

FEDORA-2025-f974cb8ce5 Packages in this update: golang-1.23.8-1.fc40 Update description: Includes security fixes to the net/http package, as well as bug fixes...

April 14, 2025

golang-1.23.8-1.fc41

FEDORA-2025-77ace1a41b Packages in this update: golang-1.23.8-1.fc41 Update description: Includes security fixes to the net/http package, as well as bug fixes...

April 14, 2025

USN-7434-1: Perl vulnerability

It was discovered that Perl incorrectly handled transliterating non-ASCII bytes. A remote attacker could use this issue to cause Perl...

April 14, 2025

Upcoming Speaking Engagements

Major WordPress Plugin Flaw Exploited in Under 4 Hours

Prodaft Offers “No Judgment” Deal to Buy Dark Web Accounts from Cybercrime Forum Users

New Malware ResolverRAT Targets Healthcare and Pharma Sectors

US Blocks Foreign Governments from Acquiring Citizen Data

China Sort of Admits to Being Behind Volt Typhoon

Digital Certificate Lifespans to Fall to 47 Days by 2029

AI Hallucinations Create “Slopsquatting” Supply Chain Threat

Medusa ransomware gang claims to have hacked NASCAR

ZDI-23-619: Adobe Substance 3D Stager SKP File Parsing Memory Corruption Remote Code Execution Vulnerability

mujs-1.0.9-2.el8

USN-7436-1: WebKitGTK vulnerabilities

USN-7435-1: Protocol Buffers vulnerability

golang-1.23.8-1.fc40

golang-1.23.8-1.fc41

USN-7434-1: Perl vulnerability