CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-37007 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-37007
25 Jun 2024 — A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo X_B y X_T creado con fines malintencionados, cuando se analiza en pskernel.DLL a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de use-after-free. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37005 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37005
25 Jun 2024 — A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo X_B y X_T creado con fines malintencionados, cuando se analiza en pskernel.DLL a través de aplicaciones de Autodesk, puede forzar una lectura fuera de los límites. Un actor malintencionado puede aprovechar esta vulne... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23148 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23148
25 Jun 2024 — A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo CATPRODUCT creado con fines malintencionados, cuando se analiza en CC5Dll.dll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23147 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23147
25 Jun 2024 — A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un CATPART, X_B y STEP creados con fines malintencionados, cuando se analizan en ASMKERN228A.dll y ASMKERN229A.dll a través de aplicaciones de Autodesk, pueden provocar una vulnerabil... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23146 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23146
25 Jun 2024 — A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo X_B y X_T creado con fines malintencionados, cuando se analiza en pskernel.DLL a través de aplicaciones de Autodesk, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vu... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23154 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23154
18 Jun 2024 — A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo SLDPRT creado con fines malintencionados, cuando se analiza en ODXSW_DLL.dll a través de aplicaciones de Autodesk, se puede utilizar para provocar un desbordamiento basado en montón. Un actor malintencionado ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23150 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23150
18 Jun 2024 — A maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo PRT creado con fines malintencionados, cuando se analiza en odxug_dll.dll a través de aplicaciones de Autodesk, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilida... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23151 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23151
18 Jun 2024 — A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM creado con fines malintencionados, cuando se analiza en ASMkern229A.dll a través de aplicaciones de Autodesk, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabi... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23153 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23153
18 Jun 2024 — A maliciously crafted MODEL file, when parsed in libodx.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo MODEL creado con fines malintencionados, cuando se analiza en libodx.dll a través de aplicaciones de Autodesk, puede forzar una lectura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad par... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-23158 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23158
18 Jun 2024 — A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. Un archivo IGES creado con fines malintencionados, cuando se analiza en ASMImport229A.dll a través de aplicaciones de Autodesk, puede usarse para provocar una vulnerabilidad de use-after-free. Un actor malintencionado puede aprove... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-416: Use After Free •