CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37000 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37000
13 Jun 2024 — A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo X_B creado con fines malintencionados, cuando se analiza en pskernel.DLL a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de escritura.... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37001 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37001
13 Jun 2024 — [A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. [Un archivo 3DM creado con fines malintencionados, cuando se analiza en opennurbs.dll a través de aplicaciones de Autodesk, se puede utilizar para provocar un desbordamiento basado en montón. Un actor malintencionado pued... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-37002 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37002
13 Jun 2024 — A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo MODEL creado con fines malintencionados, cuando se analiza en ASMkern229A.dll a través de aplicaciones de Autodesk, se puede utilizar para variables no inicializadas. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución de códig... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-457: Use of Uninitialized Variable CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37003 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37003
13 Jun 2024 — A maliciously crafted DWG and SLDPRT file, when parsed in opennurbs.dll and ODXSW_DLL.dll through Autodesk applications, can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG y SLDPRT creado con fines malintencionados, cuando se analiza en opennurbs.dll y ODXSW_DLL.dll a través de aplicaciones de Autodesk, se puede utilizar para provocar un desbordam... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37004 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37004
13 Jun 2024 — A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo SLDPRT creado con fines malintencionados, cuando se analiza en ASMKERN229A.dll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de use-after-free. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución d... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-37006 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-37006
13 Jun 2024 — A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo CATPRODUCT creado con fines malintencionados, cuando se analiza en CC5Dll.dll a través de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23138 – Stack-based Overflow Vulnerability in the TrueViewTM Desktop Software
https://notcve.org/view.php?id=CVE-2024-23138
17 Mar 2024 — A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados cuando se analiza mediante Autodesk DWG TrueView se puede utilizar para provocar un desbordamiento en la región stack de la memoria . Un actor malintencionado puede aprovechar esta vulnerabil... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0006 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23137 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23137
22 Feb 2024 — A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo STP o SLDPRT creado con fines malintencionados cuando ODXSW_DLL.dll se analiza mediante Autodesk AutoCAD se puede utilizar para variables no inicializadas. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución de código en e... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-457: Use of Uninitialized Variable •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23134 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23134
22 Feb 2024 — A maliciously crafted IGS file in tbb.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo IGS creado con fines malintencionados cuando tbb.dll se analiza a través de Autodesk AutoCAD se puede utilizar en una vulnerabilidad de user-after-free. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución de código en el proceso actual. ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23133 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23133
22 Feb 2024 — A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk AutoCAD could lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Un archivo STP creado con fines malintencionados en ASMDATAX228A.dll cuando se analiza mediante Autodesk AutoCAD podría provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de escritura. Esta vul... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •