CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23150 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23150
18 Jun 2024 — A maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo PRT creado con fines malintencionados, cuando se analiza en odxug_dll.dll a través de aplicaciones de Autodesk, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilida... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23153 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23153
18 Jun 2024 — A maliciously crafted MODEL file, when parsed in libodx.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo MODEL creado con fines malintencionados, cuando se analiza en libodx.dll a través de aplicaciones de Autodesk, puede forzar una lectura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad par... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-36999 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-36999
18 Jun 2024 — A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM creado con fines malintencionados, cuando se analiza en opennurbs.dll a través de aplicaciones de Autodesk, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilid... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23156 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23156
18 Jun 2024 — A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo 3DM creado con fines malintencionados, cuando se analiza en opennurbs.dll y ASMkern229A.dll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupción de memoria por infracción de acce... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23157 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23157
18 Jun 2024 — A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo SLDASM o SLDPRT creado con fines malintencionados, cuando se analiza en ODXSW_DLL.dll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de escritu... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23159 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23159
18 Jun 2024 — A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo STP creado con fines malintencionados, cuando se analiza en stp_aim_x64_vc15d.dll a través de aplicaciones de Autodesk, se puede utilizar para variables no inicializadas. Esta vulnerabilidad, junto con otras vulnerabilidades, puede provocar la ejecución de... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-457: Use of Uninitialized Variable •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23140 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23140
13 Jun 2024 — A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM y MODEL creado con fines malintencionados, cuando se analiza en opennurbs.dll y atf_api.dll mediante aplicaciones de Autodesk, puede forzar una lectura fuera de los límites. Un actor malintenci... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23141 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23141
13 Jun 2024 — A maliciously crafted MODEL file, when parsed in libodxdll through Autodesk applications, can cause a double free. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo MODEL creado con fines malintencionados, cuando se analiza en libodxdll a través de aplicaciones de Autodesk, puede provocar una doble liberación. Esta vulnerabilidad, junto con otras vulnerabilidades, puede provocar la ejecución de código en el proceso actual. This vulnerability ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-415: Double Free •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23142 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23142
13 Jun 2024 — A maliciously crafted CATPART, STP, and MODEL file, when parsed in atf_dwg_consumer.dll, rose_x64_vc15.dll and libodxdll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo CATPART, STP y MODEL creado con fines malintencionados, cuando se analiza en atf_dwg_consumer.dll, rose_x64_vc15.dll y libodxdll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad d... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23138 – Stack-based Overflow Vulnerability in the TrueViewTM Desktop Software
https://notcve.org/view.php?id=CVE-2024-23138
17 Mar 2024 — A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados cuando se analiza mediante Autodesk DWG TrueView se puede utilizar para provocar un desbordamiento en la región stack de la memoria . Un actor malintencionado puede aprovechar esta vulnerabil... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0006 • CWE-121: Stack-based Buffer Overflow •