CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-27912
https://notcve.org/view.php?id=CVE-2023-27912
14 Apr 2023 — A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-27913
https://notcve.org/view.php?id=CVE-2023-27913
14 Apr 2023 — A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-27914
https://notcve.org/view.php?id=CVE-2023-27914
14 Apr 2023 — A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-27915
https://notcve.org/view.php?id=CVE-2023-27915
14 Apr 2023 — A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-33888
https://notcve.org/view.php?id=CVE-2022-33888
03 Oct 2022 — A malicious crafted Dwg2Spd file when processed through Autodesk DWG application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Un archivo Dwg2Spd diseñado de forma maliciosa cuando es procesado mediante la aplicación Autodesk DWG podría conllevar a una vulnerabilidad de corrupción de memoria por violación de acceso de escritura. Esta vulnerabilidad, junt... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2022-33889
https://notcve.org/view.php?id=CVE-2022-33889
03 Oct 2022 — A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution. Un archivo GIF o JPEG diseñado de forma maliciosa cuando es analizado mediante Autodesk Design Review versión 2018 y AutoCAD versiones 2023 y 2022, podría usarse para escribir más allá del búfer de la pila asignado. Esta vulnerabilidad podría conllevar a una ejecución de código ar... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2022-33890
https://notcve.org/view.php?id=CVE-2022-33890
03 Oct 2022 — A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Un archivo PCT o DWF malicioso cuando se consume a través de la aplicación DesignReview.exe podría llevar a una vulnerabilidad de corrupción de memoria por violación de acceso de lectura. Esta vulnerabilidad, junto con otr... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2022-33884 – Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-33884
29 Sep 2022 — Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. El análisis de un archivo X_B diseñado de forma maliciosa puede obligar a Autodesk AutoCAD versiones 2023 y 2022, a leer más allá de los límites asignados. Esta vulnerabilidad, junto con otras, podría conllevar a una ejecución de código en el contexto del proceso ac... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-33885 – Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-33885
29 Sep 2022 — A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. Un archivo X_B, CATIA y PDF diseñado de forma maliciosa cuando es analizado mediante Autodesk AutoCAD versiones 2023 y 2022, puede usarse para escribir más allá del búfer asignado. Esta vulnerabilidad puede conllevar a una ejecución de código arbitrario This vulnerability allows remote attackers to execute... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-33886 – Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-33886
29 Sep 2022 — A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while parsing through Autodesk AutoCAD 2023, 2022, 2021, 2020, and Maya 2023 and 2022. The vulnerability exists because the application fails to handle crafted MODEL and SLDPRT files, which causes an unhandled exception. A malicious actor could leverage this vulnerability to execute arbitrary code. Un archivo MODEL y SLDPRT diseñado de forma maliciosa puede usarse para escribir más allá del búfer asignado mientras e... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 • CWE-755: Improper Handling of Exceptional Conditions •