Vendor CVEs
Autodesk
All CVEs
319 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-5038 | 0.00 | — | 0.00 | Jul 29, 2025 | A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||
| CVE-2025-5039 | 0.00 | — | 0.00 | Jul 24, 2025 | A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized. | |||
| CVE-2025-5042 | 0.00 | — | 0.00 | Jul 22, 2025 | A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-5040 | 0.00 | — | 0.00 | Jul 10, 2025 | A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-5037 | 0.00 | — | 0.00 | Jul 10, 2025 | A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||
| CVE-2025-5036 | 0.00 | — | 0.00 | Jun 2, 2025 | A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1274 | 0.00 | — | 0.00 | Apr 15, 2025 | A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1277 | 0.00 | — | 0.00 | Apr 15, 2025 | A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||
| CVE-2025-1656 | 0.00 | — | 0.00 | Apr 15, 2025 | A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2025-1273 | 0.00 | — | 0.00 | Apr 15, 2025 | A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2025-2497 | 0.00 | — | 0.00 | Apr 15, 2025 | A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||
| CVE-2025-1276 | 0.00 | — | 0.00 | Apr 15, 2025 | A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current… | |||
| CVE-2025-1275 | 0.00 | — | 0.00 | Apr 15, 2025 | A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the… | |||
| CVE-2025-1660 | 0.00 | — | 0.00 | Apr 1, 2025 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||
| CVE-2025-1659 | 0.00 | — | 0.00 | Apr 1, 2025 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1658 | 0.00 | — | 0.00 | Apr 1, 2025 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1652 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1651 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1650 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2025-1649 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2025-1433 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1432 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1431 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1430 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||
| CVE-2025-1429 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1428 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2025-1427 | 0.00 | — | 0.00 | Mar 13, 2025 | A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2024-12671 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-12670 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2024-12669 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2024-12200 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-12199 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-12198 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-12197 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-12194 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||
| CVE-2024-12179 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2024-12193 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-12192 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-12191 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-12178 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||
| CVE-2024-11422 | 0.00 | — | 0.00 | Dec 17, 2024 | A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-11608 | 0.00 | — | 0.00 | Dec 9, 2024 | A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-11454 | 0.00 | — | 0.00 | Dec 9, 2024 | A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized. | |||
| CVE-2024-11268 | 0.00 | — | 0.00 | Dec 9, 2024 | A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash or could lead to an arbitrary memory leak. | |||
| CVE-2023-7298 | 0.00 | — | 0.00 | Dec 9, 2024 | A maliciously crafted FBX file, when parsed through Autodesk FBX SDK, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||
| CVE-2024-9500 | 0.00 | — | 0.00 | Nov 15, 2024 | A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management. | |||
| CVE-2024-7992 | 0.00 | — | 0.00 | Oct 29, 2024 | A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of… | |||
| CVE-2024-7991 | 0.00 | — | 0.00 | Oct 29, 2024 | A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the… | |||
| CVE-2024-9997 | 0.00 | — | 0.00 | Oct 29, 2024 | A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current… | |||
| CVE-2024-9996 | 0.00 | — | 0.00 | Oct 29, 2024 | A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current… |
- CVE-2025-5038Jul 29, 2025risk 0.00cvss —epss 0.00
A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2025-5039Jul 24, 2025risk 0.00cvss —epss 0.00
A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
- CVE-2025-5042Jul 22, 2025risk 0.00cvss —epss 0.00
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-5040Jul 10, 2025risk 0.00cvss —epss 0.00
A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-5037Jul 10, 2025risk 0.00cvss —epss 0.00
A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2025-5036Jun 2, 2025risk 0.00cvss —epss 0.00
A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1274Apr 15, 2025risk 0.00cvss —epss 0.00
A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2025-1277Apr 15, 2025risk 0.00cvss —epss 0.00
A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2025-1656Apr 15, 2025risk 0.00cvss —epss 0.00
A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2025-1273Apr 15, 2025risk 0.00cvss —epss 0.00
A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2025-2497Apr 15, 2025risk 0.00cvss —epss 0.00
A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2025-1276Apr 15, 2025risk 0.00cvss —epss 0.00
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current…
- CVE-2025-1275Apr 15, 2025risk 0.00cvss —epss 0.00
A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the…
- CVE-2025-1660Apr 1, 2025risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2025-1659Apr 1, 2025risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1658Apr 1, 2025risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1652Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1651Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1650Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2025-1649Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2025-1433Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1432Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1431Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1430Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2025-1429Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1428Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2025-1427Mar 13, 2025risk 0.00cvss —epss 0.00
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2024-12671Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-12670Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2024-12669Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2024-12200Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-12199Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-12198Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-12197Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-12194Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2024-12179Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current…
- CVE-2024-12193Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-12192Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-12191Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-12178Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
- CVE-2024-11422Dec 17, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-11608Dec 9, 2024risk 0.00cvss —epss 0.00
A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- CVE-2024-11454Dec 9, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized.
- CVE-2024-11268Dec 9, 2024risk 0.00cvss —epss 0.00
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash or could lead to an arbitrary memory leak.
- CVE-2023-7298Dec 9, 2024risk 0.00cvss —epss 0.00
A maliciously crafted FBX file, when parsed through Autodesk FBX SDK, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
- CVE-2024-9500Nov 15, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management.
- CVE-2024-7992Oct 29, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of…
- CVE-2024-7991Oct 29, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the…
- CVE-2024-9997Oct 29, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current…
- CVE-2024-9996Oct 29, 2024risk 0.00cvss —epss 0.00
A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current…
Page 2 of 7