CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11608
https://notcve.org/view.php?id=CVE-2024-11608
09 Dec 2024 — A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0026 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11454 – Untrusted Search Path vulnerability in Autodesk Revit
https://notcve.org/view.php?id=CVE-2024-11454
09 Dec 2024 — A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized. • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0025 • CWE-426: Untrusted Search Path •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11268 – PDF File Parsing Vulnerability in Autodesk Revit
https://notcve.org/view.php?id=CVE-2024-11268
09 Dec 2024 — A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash or could lead to an arbitrary memory leak. • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0024 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-7991 – Autodesk AutoCAD DWG Out-of-Bounds Write Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-7991
29 Oct 2024 — A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza a través de Autodesk AutoCAD y ciertos productos basados en AutoCAD, puede forzar una escritura fuera de los límites. Un actor malintencionado puede ap... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-9996 – Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9996
29 Oct 2024 — A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo DWG creado con fines malintencionados, cuando se analiza en acdb25.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de escritura fuera de los límites. Un actor malintencionado puede aprovechar esta... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7994 – Stack-Based Buffer Overflow Vulnerability in Autodesk Revit
https://notcve.org/view.php?id=CVE-2024-7994
16 Oct 2024 — A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo RFA manipulado con fines malintencionados, cuando se analiza a través de Autodesk Revit, puede provocar un desbordamiento de búfer basado en pila. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, lee... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0017 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7993 – Out-of-Bounds Write Vulnerability in Autodesk Revit
https://notcve.org/view.php?id=CVE-2024-7993
16 Oct 2024 — A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. Un archivo PDF manipulado con fines malintencionados, cuando se analiza a través de Autodesk Revit, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos con... • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0018 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-37008 – Stack-based Overflow Vulnerability in Revit Software
https://notcve.org/view.php?id=CVE-2024-37008
21 Aug 2024 — A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0013 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-25002
https://notcve.org/view.php?id=CVE-2023-25002
27 Jun 2023 — A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 53EXPL: 0CVE-2023-25004
https://notcve.org/view.php?id=CVE-2023-25004
27 Jun 2023 — A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009 • CWE-190: Integer Overflow or Wraparound •