CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1430 – SLDPRT File Parsing Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2025-1430
13 Mar 2025 — A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1429 – MODEL File Parsing Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-1429
13 Mar 2025 — A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicio... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1428 – CATPRODUCT File Parsing Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2025-1428
13 Mar 2025 — A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malic... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1427 – CATPRODUCT File Parsing Uninitialized Variable Vulnerability
https://notcve.org/view.php?id=CVE-2025-1427
13 Mar 2025 — A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 • CWE-457: Use of Uninitialized Variable •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12671 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12671
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12670 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12670
17 Dec 2024 — A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12669 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12669
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a maliciou... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12200 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12200
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12199 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12199
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12198 – DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software
https://notcve.org/view.php?id=CVE-2024-12198
17 Dec 2024 — A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0027 • CWE-787: Out-of-bounds Write •