CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-23122 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23122
22 Feb 2024 — A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo 3DM creado con fines malintencionados, cuando se analiza en opennurbs.dll a través de Autodesk AutoCAD, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad para pr... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-23120 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23120
21 Feb 2024 — A maliciously crafted STP and STEP file when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll and through Autodesk applications can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo STP creado con fines malintencionados cuando se analiza en ASMIMPORT228A.dll a través de Autodesk AutoCAD puede forzar una escritura fuera de los límites. Un actor malintencionado puede... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-0446 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-0446
21 Feb 2024 — A maliciously crafted STP, CATPART or MODEL file when parsed in ASMKERN228A.dll and ASMdatax229A.dll through Autodesk applications can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo STP, CATPART o MODEL creado con fines malintencionados cuando se analiza en ASMKERN228A.dll a través de Autodesk AutoCAD puede forzar una escritura fuera de los límites. Un actor mali... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-23121 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23121
12 Feb 2024 — A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk applications can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo MODEL creado con fines malintencionados cuando se analiza en libodxdll.dll a través de Autodesk AutoCAD puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad para pr... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23125 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23125
12 Feb 2024 — A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk AutoCAD can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo SLDPRT creado con fines malintencionados cuando se analiza ODXSW_DLL.dll a través de Autodesk AutoCAD se puede utilizar para provocar un desbordamiento en la región stack de la memoria. Un actor malintencionado puede ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23126 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23126
12 Feb 2024 — A maliciously crafted CATPART file in CC5Dll.dll when parsed through Autodesk AutoCAD can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo CATPART creado con fines malintencionados cuando se analiza CC5Dll.dll a través de Autodesk AutoCAD se puede utilizar para provocar un desbordamiento en la región stack de la memoria. Un actor malintencionado puede a... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23132 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23132
12 Feb 2024 — A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk AutoCAD could lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. Un archivo STP creado con fines malintencionados en atf_dwg_consumer.dll cuando se analiza mediante Autodesk AutoCAD podría provocar una vulnerabilidad de corrupción de memoria por infracción de acceso de escritura. ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23136 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23136
12 Feb 2024 — A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk AutoCAD can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo STP creado con fines malintencionados cuando ASMKERN228A.dll se analiza mediante Autodesk AutoCAD se puede utilizar para eliminar la referencia a un puntero que no es de confianza. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la eje... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-23124 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23124
12 Feb 2024 — A maliciously crafted STP file in ASMIMPORT228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo STP creado con fines malintencionados cuando se analiza en ASMIMPORT228A.dll a través de Autodesk AutoCAD puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad para pr... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23135 – Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
https://notcve.org/view.php?id=CVE-2024-23135
12 Feb 2024 — A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. Un archivo SLDPRT creado con fines malintencionados cuando ASMkern228A.dll se analiza a través de Autodesk AutoCAD se puede utilizar en una vulnerabilidad de user-after-free. Esta vulnerabilidad, junto con otras vulnerabilidades, podría provocar la ejecución de código ... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 • CWE-416: Use After Free •