CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2022-33890
https://notcve.org/view.php?id=CVE-2022-33890
03 Oct 2022 — A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Un archivo PCT o DWF malicioso cuando se consume a través de la aplicación DesignReview.exe podría llevar a una vulnerabilidad de corrupción de memoria por violación de acceso de lectura. Esta vulnerabilidad, junto con otr... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2022-27871
https://notcve.org/view.php?id=CVE-2022-27871
21 Jun 2022 — Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code. Las versiones del paquete de productos AutoCAD, Revit, Design Review y Navisworks que usan PDFTron versiones anteriores a 9.1.17, pueden escribir más allá del búfer asignado mientras analizan los archivos PDF. Esta vulnerabilidad puede ser explotada para ejecu... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2021-40161
https://notcve.org/view.php?id=CVE-2021-40161
23 Dec 2021 — A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version. Una vulnerabilidad de corrupción de memoria puede conducir a la ejecución de código a través de archivos DLL maliciosamente diseñados a través de PDFTron anterior a la versión 9.0.7 • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2021-40160 – Autodesk AutoCAD PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-40160
23 Dec 2021 — PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code. PDFTron antes de la versión 9.0.7 puede ser forzado a leer más allá de los límites asignados al analizar un archivo PDF malicioso. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 47EXPL: 0CVE-2021-27041 – ICONICS GENESIS64 DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27041
25 Jun 2021 — A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. This vulnerability can be exploited to execute arbitrary code Un archivo DWG malicioso puede ser utilizado para escribir más allá del buffer asignado mientras se analizan los archivos DWG. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 41EXPL: 0CVE-2019-7364
https://notcve.org/view.php?id=CVE-2019-7364
23 Aug 2019 — DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution. Vulnerabilidad de precarga de DLL en las versiones 2017, 2018, 2019 y 2020 de Autode... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7359
https://notcve.org/view.php?id=CVE-2019-7359
09 Apr 2019 — An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a hea... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7358
https://notcve.org/view.php?id=CVE-2019-7358
09 Apr 2019 — An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution. Se presenta una vulne... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7361
https://notcve.org/view.php?id=CVE-2019-7361
09 Apr 2019 — An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. Un atacante puede convencer a una víctima... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7360
https://notcve.org/view.php?id=CVE-2019-7360
09 Apr 2019 — An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution. Una vulnerabilida... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-416: Use After Free •