← Back

Renderdoc

renderdoc

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Renderdoc
renderdoc
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-33865
1Renderdoc
1Renderdoc
Nov 3, 2025
Jun 7, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership.
CVE-2023-33864
1Renderdoc
1Renderdoc
Nov 3, 2025
Jun 7, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. It uses uint32_t(m_BufferSize-m_InputSize) even though m_InputSize can exceed m_BufferSize.
CVE-2023-33863
1Renderdoc
1Renderdoc
Nov 3, 2025
Jun 7, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. 0xffffffff is sign-extended to 0xffffffffffffffff (SIZE_MAX) and then there is an attempt to add 1.