CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23138 – Stack-based Overflow Vulnerability in the TrueViewTM Desktop Software
https://notcve.org/view.php?id=CVE-2024-23138
17 Mar 2024 — A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados cuando se analiza mediante Autodesk DWG TrueView se puede utilizar para provocar un desbordamiento en la región stack de la memoria . Un actor malintencionado puede aprovechar esta vulnerabil... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0006 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23137 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23137
22 Feb 2024 — A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. Un archivo STP o SLDPRT creado con fines malintencionados cuando ODXSW_DLL.dll se analiza mediante Autodesk AutoCAD se puede utilizar para variables no inicializadas. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución de código en e... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-457: Use of Uninitialized Variable •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23134 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23134
22 Feb 2024 — A maliciously crafted IGS file in tbb.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo IGS creado con fines malintencionados cuando tbb.dll se analiza a través de Autodesk AutoCAD se puede utilizar en una vulnerabilidad de user-after-free. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución de código en el proceso actual. ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23133 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23133
22 Feb 2024 — A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk AutoCAD could lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Un archivo STP creado con fines malintencionados en ASMDATAX228A.dll cuando se analiza mediante Autodesk AutoCAD podría provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de escritura. Esta vul... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23131 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23131
22 Feb 2024 — A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo STP creado con fines malintencionados en ASMKERN228A.dll o ASMDATAX228A.dll cuando se analiza mediante Autodesk AutoCAD podría provocar una vulnerabi... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23130 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23130
22 Feb 2024 — A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo SLDASM o SLDPRT creado con fines malintencionados en ODXSW_DLL.dll cuando se analiza a través de Autodesk AutoCAD podría provocar una vulnerabilidad de corrupción de memoria por infracción de ac... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23129 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23129
22 Feb 2024 — A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo MODEL 3DM, STP o SLDASM creado con fines malintencionados en opennurbs.dll cuando se analiza a través de Autodesk AutoCAD podría provocar una vulnerabilidad de corrupción de memoria por... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23128 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23128
22 Feb 2024 — A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. Un archivo MODEL creado con fines malintencionados en libodxdll.dll cuando se analiza mediante Autodesk AutoCAD podría provocar una vulnerabilidad de corrupción de memoria por infracción de acces... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23127 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23127
22 Feb 2024 — A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo MODEL, SLDPRT o SLDASM creado con fines malintencionados cuando se analiza VCRUNTIME140.dll a través de Autodesk AutoCAD se puede utilizar para provocar un desbordamiento d... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-23123 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23123
22 Feb 2024 — A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk applications, can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo CATPART creado con fines malintencionados, cuando se analiza en CC5Dll.dll y ASMBASE228A.dll a través de Autodesk AutoCAD, puede forzar una escritura fuera de los límites. Un actor malintencionado pued... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-787: Out-of-bounds Write •