VYPR

Autodesk

by Autodesk

CVEs (15)

  • CVE-2025-7675HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current…

  • CVE-2025-7497HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current…

  • CVE-2025-6637HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current…

  • CVE-2025-6636HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

  • CVE-2025-6635HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…

  • CVE-2025-6631HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current…

  • CVE-2025-5043HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…

  • CVE-2025-5038HigJul 29, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2025-5039HigJul 24, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.

  • CVE-2025-1276HigApr 15, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current…

  • CVE-2025-1275HigApr 15, 2025
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the…

  • CVE-2023-29069HigNov 22, 2023
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted DLL file can be forced to install onto a non-default location, and attacker can overwrite parts of the product with malicious DLLs. These files may then have elevated privileges leading to a Privilege Escalation vulnerability.

  • CVE-2021-27039HigJul 9, 2021
    risk 0.51cvss 7.8epss 0.02

    A maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code.

  • CVE-2021-27036HigJul 9, 2021
    risk 0.51cvss 7.8epss 0.02

    A maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD or TIFF file can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL, BMP, PSD or TIFF files. This vulnerability can be exploited to execute arbitrary code

  • CVE-2023-41145MedNov 22, 2023
    risk 0.34cvss 5.3epss 0.01

    Autodesk users who no longer have an active license for an account can still access cases for that account.