CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1427 – CATPRODUCT File Parsing Uninitialized Variable Vulnerability
https://notcve.org/view.php?id=CVE-2025-1427
13 Mar 2025 — A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 • CWE-457: Use of Uninitialized Variable •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7992 – Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7992
29 Oct 2024 — A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza a través de Autodesk AutoCAD y ciertos productos basados en AutoCAD, puede provocar un desbordamiento de búfer en la región stack de la memoria ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-7991 – Autodesk AutoCAD DWG Out-of-Bounds Write Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7991
29 Oct 2024 — A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza a través de Autodesk AutoCAD y ciertos productos basados en AutoCAD, puede forzar una escritura fuera de los límites. Un actor malintencionado puede ap... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-9997 – Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9997
29 Oct 2024 — A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza en acdb25.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de corrupción de memoria. Un actor malintencionado puede aprovechar esta vulnerabili... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-9996 – Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9996
29 Oct 2024 — A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza en acdb25.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de escritura fuera de los límites. Un actor malintencionado puede aprovechar esta... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9489 – Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9489
29 Oct 2024 — A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, al analizarse en ACAD.exe a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de corrupción de memoria. Un actor malintencionado puede aprovechar esta vulnerabilidad para... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8896 – Autodesk AutoCAD DXF File Parsing Unitialized Variable Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8896
29 Oct 2024 — A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo DXF creado con fines malintencionados, cuando se analiza en acdb25.dll a través de Autodesk AutoCAD, puede obligar a acceder a una variable antes de la inicialización. Un actor malintencionado puede aprovecha... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8592 – Autodesk AutoCAD CATPART File Parsing Memory Corruption Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8592
29 Oct 2024 — A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo CATPART creado con fines malintencionados, cuando se analiza en AcTranslators.exe a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de corrupción de memoria. Un actor malintencionado puede aprov... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0020 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-9827 – Autodesk AutoCAD ACTranslators CATPART File Parsing Out-Of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2024-9827
29 Oct 2024 — A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo CATPART creado con fines malintencionados, cuando se analiza en CC5Dll.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de lectura fuera de los límites. Un actor malintencionado puede aprovechar ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-9826 – Autodesk AutoCAD ACTranslators 3DM File Parsing Use-After-Free Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9826
29 Oct 2024 — A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM creado con fines malintencionados, cuando se analiza en atf_api.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de tipo Use-After-Free. Un actor malintencionado puede aprovechar esta vulnerabilidad... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-416: Use After Free •