CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8589 – Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2024-8589
29 Oct 2024 — A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo SLDPRT creado con fines malintencionados, cuando se analiza en odxsw_dll.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de lectura fuera de los límites. Un actor malintencionado puede aprovec... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8588 – Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2024-8588
29 Oct 2024 — A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo SLDPRT creado con fines malintencionados, cuando se analiza en odxsw_dll.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de lectura fuera de los límites. Un actor malintencionado puede aprovec... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-8587 – Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-8587
29 Oct 2024 — A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo SLDPRT creado con fines malintencionados, cuando se analiza en odxsw_dll.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico. Un actor... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-7305 – DWF Vulnerability in Autodesk Desktop Software
https://notcve.org/view.php?id=CVE-2024-7305
19 Aug 2024 — A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute ar... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0014 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-37007 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-37007
25 Jun 2024 — A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo X_B y X_T creado con fines malintencionados, cuando se analiza en pskernel.DLL a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de use-after-free. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37005 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37005
25 Jun 2024 — A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo X_B y X_T creado con fines malintencionados, cuando se analiza en pskernel.DLL a través de aplicaciones de Autodesk, puede forzar una lectura fuera de los límites. Un actor malintencionado puede aprovechar esta vulne... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23148 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23148
25 Jun 2024 — A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo CATPRODUCT creado con fines malintencionados, cuando se analiza en CC5Dll.dll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23147 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23147
25 Jun 2024 — A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un CATPART, X_B y STEP creados con fines malintencionados, cuando se analizan en ASMKERN228A.dll y ASMKERN229A.dll a través de aplicaciones de Autodesk, pueden provocar una vulnerabil... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23146 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23146
25 Jun 2024 — A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo X_B y X_T creado con fines malintencionados, cuando se analiza en pskernel.DLL a través de aplicaciones de Autodesk, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vu... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23154 – Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
https://notcve.org/view.php?id=CVE-2024-23154
18 Jun 2024 — A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo SLDPRT creado con fines malintencionados, cuando se analiza en ODXSW_DLL.dll a través de aplicaciones de Autodesk, se puede utilizar para provocar un desbordamiento basado en montón. Un actor malintencionado ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010 • CWE-122: Heap-based Buffer Overflow •