CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2025-5036 – RFA File Parsing Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-5036
02 Jun 2025 — A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Un archivo RFA manipulado con fines maliciosos, al vincularse o importarse a Autodesk Revit, puede forzar una vulnerabilidad de Use-After-Free. Un agente malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, leer d... • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0009 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1274 – RCS File Parsing Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2025-1274
15 Apr 2025 — A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0007 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1277 – PDF File Parsing Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2025-1277
15 Apr 2025 — A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0003 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1656 – PDF File Parsing Heap-based Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-1656
15 Apr 2025 — A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0003 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1273 – PDF File Parsing Heap-Based Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-1273
15 Apr 2025 — A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0003 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2497 – DWG File Parsing Stack-Based Buffer Vulnerability
https://notcve.org/view.php?id=CVE-2025-2497
15 Apr 2025 — A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0005 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-1275 – JPG File Parsing Heap-Based Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-1275
15 Apr 2025 — A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0006 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11608
https://notcve.org/view.php?id=CVE-2024-11608
09 Dec 2024 — A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0026 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11454 – Untrusted Search Path vulnerability in Autodesk Revit
https://notcve.org/view.php?id=CVE-2024-11454
09 Dec 2024 — A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized. • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0025 • CWE-426: Untrusted Search Path •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11268 – PDF File Parsing Vulnerability in Autodesk Revit
https://notcve.org/view.php?id=CVE-2024-11268
09 Dec 2024 — A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash or could lead to an arbitrary memory leak. • https://autodesk.com/trust/security-advisories/adsk-sa-2024-0024 • CWE-125: Out-of-bounds Read •