CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23157 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23157
18 Jun 2024 — A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo SLDASM o SLDPRT creado con fines malintencionados, cuando se analiza en ODXSW_DLL.dll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de escritu... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-23158 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23158
18 Jun 2024 — A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. Un archivo IGES creado con fines malintencionados, cuando se analiza en ASMImport229A.dll a través de aplicaciones de Autodesk, puede usarse para provocar una vulnerabilidad de use-after-free. Un actor malintencionado puede aprove... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-36999 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-36999
18 Jun 2024 — A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM creado con fines malintencionados, cuando se analiza en opennurbs.dll a través de aplicaciones de Autodesk, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilid... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23145 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23145
13 Jun 2024 — A maliciously crafted PRT file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo PRT creado con fines malintencionados, cuando se analiza en opennurbs.dll a través de aplicaciones de Autodesk, puede forzar una lectura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad pa... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23140 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23140
13 Jun 2024 — A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM y MODEL creado con fines malintencionados, cuando se analiza en opennurbs.dll y atf_api.dll mediante aplicaciones de Autodesk, puede forzar una lectura fuera de los límites. Un actor malintenci... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23142 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23142
13 Jun 2024 — A maliciously crafted CATPART, STP, and MODEL file, when parsed in atf_dwg_consumer.dll, rose_x64_vc15.dll and libodxdll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo CATPART, STP y MODEL creado con fines malintencionados, cuando se analiza en atf_dwg_consumer.dll, rose_x64_vc15.dll y libodxdll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad d... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23143 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23143
13 Jun 2024 — A maliciously crafted 3DM, MODEL and X_B file, when parsed in ASMkern229A.dll and ASMBASE229A.dll through Autodesk applications, can force an Out-of-Bound Read and/or Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM, MODEL y X_B creado con fines malintencionados, cuando se analiza en ASMkern229A.dll y ASMBASE229A.dll a través de aplicaciones de Autodesk, puede forzar un... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23144 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23144
13 Jun 2024 — A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk applications, can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo CATPART creado con fines malintencionados, cuando se analiza en CC5Dll.dll y ASMBASE228A.dll mediante aplicaciones de Autodesk, puede forzar una escritura fuera de los límites. Un actor malintencionado... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37000 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37000
13 Jun 2024 — A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo X_B creado con fines malintencionados, cuando se analiza en pskernel.DLL a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de escritura.... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37001 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37001
13 Jun 2024 — [A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. [Un archivo 3DM creado con fines malintencionados, cuando se analiza en opennurbs.dll a través de aplicaciones de Autodesk, se puede utilizar para provocar un desbordamiento basado en montón. Un actor malintencionado pued... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-122: Heap-based Buffer Overflow •