VYPR

Advance Steel

by Autodesk

CVEs (103)

  • CVE-2024-23136HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

  • CVE-2024-23135HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

  • CVE-2024-23134HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted IGS file in tbb.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

  • CVE-2024-23133HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…

  • CVE-2024-23132HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of…

  • CVE-2024-23131HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other…

  • CVE-2024-23130HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the…

  • CVE-2024-23129HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in…

  • CVE-2024-23128HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution…

  • CVE-2024-23127HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute…

  • CVE-2024-23126HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…

  • CVE-2024-23125HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…

  • CVE-2024-23124HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted STP file, when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the…

  • CVE-2024-23123HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the…

  • CVE-2024-23122HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the…

  • CVE-2024-23121HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.01

    A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the…

  • CVE-2024-23120HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute…

  • CVE-2024-0446HigFeb 22, 2024
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted STP, CATPART or MODEL file, when parsed in ASMKERN228A.dll and ASMdatax229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute…

  • CVE-2019-7364HigAug 23, 2019
    risk 0.51cvss 7.8epss 0.02

    DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An…

  • CVE-2019-7361HigApr 9, 2019
    risk 0.51cvss 7.8epss 0.01

    An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk…

Page 5 of 6