CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-37008 – Stack-based Overflow Vulnerability in Revit Software
https://notcve.org/view.php?id=CVE-2024-37008
A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0013 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-25002
https://notcve.org/view.php?id=CVE-2023-25002
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 88EXPL: 0CVE-2021-40162
https://notcve.org/view.php?id=CVE-2021-40162
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code. Los archivos TIF, PICT, TGA o RLC diseñados de forma maliciosa en el componente de procesamiento de imágenes de Autodesk pueden ser forzados a leer más allá de los límites asignados cuando son analizados los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 88EXPL: 0CVE-2021-40164
https://notcve.org/view.php?id=CVE-2021-40164
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code. Podría producirse un desbordamiento del búfer en la región heap de la memoria pila mientras son analizados archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 88EXPL: 0CVE-2021-40166
https://notcve.org/view.php?id=CVE-2021-40166
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code. Un archivo PNG diseñado de forma maliciosa en el componente de procesamiento de imágenes de Autodesk puede usarse para intentar liberar un objeto que ya ha sido liberado mientras es analizado. Esta vulnerabilidad puede ser explotada por atacantes para ejecutar código arbitrario • https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011 • CWE-416: Use After Free •