Autocad
by Autodesk
CVEs (141)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-41139 | 0.00 | — | 0.00 | Nov 23, 2023 | A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. | |||
| CVE-2023-29076 | 0.00 | — | 0.01 | Nov 23, 2023 | A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. | |||
| CVE-2023-29075 | 0.00 | — | 0.01 | Nov 23, 2023 | A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2023-29074 | 0.00 | — | 0.01 | Nov 23, 2023 | A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2023-29073 | 0.00 | — | 0.01 | Nov 23, 2023 | A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2023-25003 | 0.00 | — | 0.00 | Jun 23, 2023 | A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution. | |||
| CVE-2023-27912 | 0.00 | — | 0.00 | Apr 14, 2023 | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process. | |||
| CVE-2023-29067 | 0.00 | — | 0.00 | Apr 14, 2023 | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||
| CVE-2023-27914 | 0.00 | — | 0.00 | Apr 14, 2023 | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in… | |||
| CVE-2023-27913 | 0.00 | — | 0.00 | Apr 14, 2023 | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2023-27915 | 0.00 | — | 0.00 | Apr 14, 2023 | A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||
| CVE-2022-33887 | 0.00 | — | 0.00 | Oct 3, 2022 | A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process. | |||
| CVE-2022-33885 | 0.00 | — | 0.00 | Oct 3, 2022 | A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. | |||
| CVE-2022-33884 | 0.00 | — | 0.01 | Oct 3, 2022 | Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||
| CVE-2022-33889 | 0.00 | — | 0.00 | Oct 3, 2022 | A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution. | |||
| CVE-2022-33886 | 0.00 | — | 0.00 | Oct 3, 2022 | A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while parsing through Autodesk AutoCAD 2023, 2022, 2021, 2020, and Maya 2023 and 2022. The vulnerability exists because the application fails to handle crafted MODEL and SLDPRT files,… | |||
| CVE-2022-33881 | 0.00 | — | 0.00 | Jul 29, 2022 | Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||
| CVE-2022-27870 | 0.00 | — | 0.01 | Jun 21, 2022 | A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code. | |||
| CVE-2022-27868 | 0.00 | — | 0.01 | Jun 21, 2022 | A maliciously crafted CAT file in Autodesk AutoCAD 2023 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | |||
| CVE-2022-27867 | 0.00 | — | 0.01 | Jun 21, 2022 | A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. |
- CVE-2023-41139Nov 23, 2023risk 0.00cvss —epss 0.00
A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
- CVE-2023-29076Nov 23, 2023risk 0.00cvss —epss 0.01
A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
- CVE-2023-29075Nov 23, 2023risk 0.00cvss —epss 0.01
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2023-29074Nov 23, 2023risk 0.00cvss —epss 0.01
A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2023-29073Nov 23, 2023risk 0.00cvss —epss 0.01
A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2023-25003Jun 23, 2023risk 0.00cvss —epss 0.00
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
- CVE-2023-27912Apr 14, 2023risk 0.00cvss —epss 0.00
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.
- CVE-2023-29067Apr 14, 2023risk 0.00cvss —epss 0.00
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
- CVE-2023-27914Apr 14, 2023risk 0.00cvss —epss 0.00
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in…
- CVE-2023-27913Apr 14, 2023risk 0.00cvss —epss 0.00
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2023-27915Apr 14, 2023risk 0.00cvss —epss 0.00
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
- CVE-2022-33887Oct 3, 2022risk 0.00cvss —epss 0.00
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.
- CVE-2022-33885Oct 3, 2022risk 0.00cvss —epss 0.00
A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.
- CVE-2022-33884Oct 3, 2022risk 0.00cvss —epss 0.01
Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
- CVE-2022-33889Oct 3, 2022risk 0.00cvss —epss 0.00
A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution.
- CVE-2022-33886Oct 3, 2022risk 0.00cvss —epss 0.00
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while parsing through Autodesk AutoCAD 2023, 2022, 2021, 2020, and Maya 2023 and 2022. The vulnerability exists because the application fails to handle crafted MODEL and SLDPRT files,…
- CVE-2022-33881Jul 29, 2022risk 0.00cvss —epss 0.00
Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
- CVE-2022-27870Jun 21, 2022risk 0.00cvss —epss 0.01
A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code.
- CVE-2022-27868Jun 21, 2022risk 0.00cvss —epss 0.01
A maliciously crafted CAT file in Autodesk AutoCAD 2023 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
- CVE-2022-27867Jun 21, 2022risk 0.00cvss —epss 0.01
A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
Page 6 of 8