CVSS: 4.3EPSS: 0%CPEs: 43EXPL: 0CVE-2021-27040 – ICONICS GENESIS64 DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-27040
25 Jun 2021 — A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be exploited to execute arbitrary code. Un archivo DWG diseñado maliciosamente puede ser forzado a leer más allá de los límites asignados al analizar el archivo DWG. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario This vulnerability allows remote attackers to disclose sensitive information on affected installations of ICONICS GENESIS64. User interaction i... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0004 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 41EXPL: 0CVE-2019-7364
https://notcve.org/view.php?id=CVE-2019-7364
23 Aug 2019 — DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution. Vulnerabilidad de precarga de DLL en las versiones 2017, 2018, 2019 y 2020 de Autode... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7359
https://notcve.org/view.php?id=CVE-2019-7359
09 Apr 2019 — An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a hea... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7358
https://notcve.org/view.php?id=CVE-2019-7358
09 Apr 2019 — An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution. Se presenta una vulne... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7361
https://notcve.org/view.php?id=CVE-2019-7361
09 Apr 2019 — An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. Un atacante puede convencer a una víctima... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7360
https://notcve.org/view.php?id=CVE-2019-7360
09 Apr 2019 — An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution. Una vulnerabilida... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0001 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 56EXPL: 0CVE-2013-3665 – AutoCAD DWG-AC1021 Heap Corruption
https://notcve.org/view.php?id=CVE-2013-3665
18 Jul 2013 — Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file. Vulnerabilidad no especificada en Autodesk AutoCAD hasta 2014, AutoCAD LT hasta 2014 y DWG TrueView hasta 2014, permite a atacantes remotos ejecutar código arbitrario a través de un archivo DWG diseñado. AutoCAD DWG-AC1021 suffers from an arbitrary pointer dereference vulnerability that can be exploited to compromise a sy... • http://images.autodesk.com/adsk/files/Autodesk_AutoCAD_Code_Execution_Vulnerability_Hotfix_Readme.pdf •