VYPR

Vendor CVEs

Autodesk

All CVEs

319 total · sorted by risk
  • CVE-2022-25788Apr 19, 2022
    risk 0.00cvss epss 0.01

    A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.

  • CVE-2022-27530Apr 18, 2022
    risk 0.00cvss epss 0.01

    A maliciously crafted TIF or PICT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability may be exploited to execute arbitrary code.

  • CVE-2022-27529Apr 18, 2022
    risk 0.00cvss epss 0.01

    A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the allocated buffer while parsing PICT, BMP, PSD or TIF file. This vulnerability may be exploited to execute arbitrary code.

  • CVE-2022-27526Apr 18, 2022
    risk 0.00cvss epss 0.01

    A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  • CVE-2022-27525Apr 18, 2022
    risk 0.00cvss epss 0.02

    A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…

  • CVE-2022-27524Apr 13, 2022
    risk 0.00cvss epss 0.01

    An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the…

  • CVE-2022-27523Apr 13, 2022
    risk 0.00cvss epss 0.01

    A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the…

  • CVE-2022-25797Apr 13, 2022
    risk 0.00cvss epss 0.01

    A maliciously crafted PDF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to dereference for a write beyond the allocated buffer while parsing PDF files. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled…

  • CVE-2022-25795Apr 13, 2022
    risk 0.00cvss epss 0.02

    A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 may lead to remote code execution through maliciously crafted DWG files.

  • CVE-2022-27528Apr 11, 2022
    risk 0.00cvss epss 0.01

    A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.

  • CVE-2022-25796Apr 11, 2022
    risk 0.00cvss epss 0.01

    A Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a…

  • CVE-2022-25792Apr 11, 2022
    risk 0.00cvss epss 0.01

    A maliciously crafted DXF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability can be exploited to execute arbitrary code.

  • CVE-2022-25790Apr 11, 2022
    risk 0.00cvss epss 0.01

    A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated boundaries when parsing the DWF files. Exploitation of this vulnerability may lead to code execution.

  • CVE-2022-25791Apr 11, 2022
    risk 0.00cvss epss 0.01

    A Memory Corruption vulnerability for DWF and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 may lead to code execution through maliciously crafted DLL files.

  • CVE-2022-25789Apr 11, 2022
    risk 0.00cvss epss 0.02

    A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.

  • CVE-2022-25794Apr 11, 2022
    risk 0.00cvss epss 0.01

    An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.2 and prior may lead to code execution through maliciously crafted ActionScript Byte Code 'ABC' files or information disclosure. ABC files are created by the Flash compiler and contain executable code. This…

  • CVE-2021-40167Jan 25, 2022
    risk 0.00cvss epss 0.08

    A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current…

  • CVE-2021-40158Jan 25, 2022
    risk 0.00cvss epss 0.03

    A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the…

  • CVE-2021-40159Jan 25, 2022
    risk 0.00cvss epss 0.02

    An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.

  • CVE-2021-40161Dec 23, 2021
    risk 0.00cvss epss 0.01

    A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.

  • CVE-2021-40160Dec 23, 2021
    risk 0.00cvss epss 0.02

    PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.

  • CVE-2021-40156Sep 15, 2021
    risk 0.00cvss epss 0.01

    A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.

  • CVE-2021-40155Sep 15, 2021
    risk 0.00cvss epss 0.01

    A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.

  • CVE-2021-27046Sep 15, 2021
    risk 0.00cvss epss 0.00

    A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files.

  • CVE-2021-27045Sep 15, 2021
    risk 0.00cvss epss 0.01

    A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.

  • CVE-2021-40157Sep 15, 2021
    risk 0.00cvss epss 0.01

    A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system.

  • CVE-2021-27044Sep 15, 2021
    risk 0.00cvss epss 0.01

    A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure.

  • CVE-2021-27038Jul 9, 2021
    risk 0.00cvss epss 0.02

    A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. A malicious actor can leverage this to execute arbitrary code.

  • CVE-2021-27037Jul 9, 2021
    risk 0.00cvss epss 0.02

    A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to execute arbitrary code.

  • CVE-2021-27035Jul 9, 2021
    risk 0.00cvss epss 0.02

    A maliciously crafted TIFF, TIF, PICT, TGA, or DWF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA or DWF files. This vulnerability in conjunction with other vulnerabilities could…

  • CVE-2021-27034Jul 9, 2021
    risk 0.00cvss epss 0.02

    A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.

  • CVE-2021-27033Jul 9, 2021
    risk 0.00cvss epss 0.03

    A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. User interaction is required to exploit this vulnerability in that the target must visit a malicious…

  • CVE-2021-27043Jun 25, 2021
    risk 0.00cvss epss 0.01

    An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application.

  • CVE-2021-27042Jun 25, 2021
    risk 0.00cvss epss 0.02

    A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to…

  • CVE-2021-27032May 28, 2021
    risk 0.00cvss epss 0.00

    Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues. A malicious user with limited privileges could run any number of tools on a system to identify services that are configured with weak permissions and are running under elevated privileges.…

  • CVE-2021-27031Apr 19, 2021
    risk 0.00cvss epss 0.01

    A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.

  • CVE-2021-27029Apr 19, 2021
    risk 0.00cvss epss 0.01

    The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX's Review version 1.5.0 and prior causing the application to crash leading to a denial of service.

  • CVE-2021-27028Apr 19, 2021
    risk 0.00cvss epss 0.02

    A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files.

  • CVE-2021-27027Apr 19, 2021
    risk 0.00cvss epss 0.02

    An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure.

  • CVE-2021-21434Feb 8, 2021
    risk 0.00cvss epss 0.01

    Survey administrator can craft a survey in such way that malicious code can be executed in the agent interface (i.e. another agent who wants to make changes in the survey). This issue affects: OTRS AG Survey 6.0.x version 6.0.20 and prior versions; 7.0.x version 7.0.19 and prior…

  • CVE-2020-7079Apr 17, 2020
    risk 0.00cvss epss 0.00

    An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files.

  • CVE-2020-7085Apr 17, 2020
    risk 0.00cvss epss 0.01

    A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it.

  • CVE-2020-7084Apr 17, 2020
    risk 0.00cvss epss 0.01

    A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.

  • CVE-2020-7083Apr 17, 2020
    risk 0.00cvss epss 0.01

    An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.

  • CVE-2020-7082Apr 17, 2020
    risk 0.00cvss epss 0.02

    A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it.

  • CVE-2020-7081Apr 17, 2020
    risk 0.00cvss epss 0.01

    A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it.

  • CVE-2020-7080Apr 17, 2020
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it.

  • CVE-2019-7366Dec 3, 2019
    risk 0.00cvss epss 0.01

    Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system.

  • CVE-2019-7365Dec 3, 2019
    risk 0.00cvss epss 0.00

    DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may then leverage a DLL preloading vulnerability and execute code on the system.

  • CVE-2019-7364Aug 23, 2019
    risk 0.00cvss epss 0.02

    DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An…

Page 6 of 7