Page 2 of 143 results (0.004 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

13 Mar 2025 — A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicio... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 • CWE-122: Heap-based Buffer Overflow •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

13 Mar 2025 — A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malic... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

13 Mar 2025 — A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 • CWE-457: Use of Uninitialized Variable •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

29 Oct 2024 — A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza a través de Autodesk AutoCAD y ciertos productos basados en AutoCAD, puede provocar un desbordamiento de búfer en la región stack de la memoria ... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-121: Stack-based Buffer Overflow •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

29 Oct 2024 — A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza a través de Autodesk AutoCAD y ciertos productos basados en AutoCAD, puede forzar una escritura fuera de los límites. Un actor malintencionado puede ap... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

29 Oct 2024 — A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza en acdb25.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de corrupción de memoria. Un actor malintencionado puede aprovechar esta vulnerabili... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0

29 Oct 2024 — A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza en acdb25.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de escritura fuera de los límites. Un actor malintencionado puede aprovechar esta... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

29 Oct 2024 — A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo CATPART creado con fines malintencionados, cuando se analiza en CC5Dll.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de lectura fuera de los límites. Un actor malintencionado puede aprovechar ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

29 Oct 2024 — A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM creado con fines malintencionados, cuando se analiza en atf_api.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de tipo Use-After-Free. Un actor malintencionado puede aprovechar esta vulnerabilidad... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

29 Oct 2024 — A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo SLDPRT creado con fines malintencionados, cuando se analiza en odxsw_dll.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de corrupción de memoria. Un actor malintencionado puede aprovechar esta... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •