Filtered by vendor Autodesk
Subscribe
Total
221 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27870 | 1 Autodesk | 1 Autocad | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code. | |||||
| CVE-2022-27869 | 1 Autodesk | 1 Autocad | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code. | |||||
| CVE-2022-27868 | 1 Autodesk | 1 Autocad | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted CAT file in Autodesk AutoCAD 2023 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | |||||
| CVE-2022-27867 | 1 Autodesk | 1 Autocad | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | |||||
| CVE-2022-27866 | 1 Autodesk | 1 Design Review | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-27865 | 1 Autodesk | 1 Design Review | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code. | |||||
| CVE-2022-27864 | 1 Autodesk | 1 Design Review | 2024-11-21 | N/A | 8.8 HIGH |
| A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||
| CVE-2022-27532 | 1 Autodesk | 1 3ds Max | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution. | |||||
| CVE-2022-27531 | 1 Autodesk | 1 3ds Max | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-27530 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted TIF or PICT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability may be exploited to execute arbitrary code. | |||||
| CVE-2022-27529 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the allocated buffer while parsing PICT, BMP, PSD or TIF file. This vulnerability may be exploited to execute arbitrary code. | |||||
| CVE-2022-27528 | 1 Autodesk | 1 Navisworks | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | |||||
| CVE-2022-27527 | 1 Autodesk | 1 Navisworks | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files. It was fixed in PDFTron earlier than 9.0.7 version in Autodesk Navisworks 2022, and 2020. | |||||
| CVE-2022-27526 | 1 Autodesk | 1 Design Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-27525 | 1 Autodesk | 1 Design Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-27524 | 1 Autodesk | 1 Dwg Trueview | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-27523 | 1 Autodesk | 1 Dwg Trueview | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-25797 | 1 Autodesk | 1 Dwg Trueview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted PDF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to dereference for a write beyond the allocated buffer while parsing PDF files. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled exception. | |||||
| CVE-2022-25796 | 1 Autodesk | 1 Navisworks | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||
| CVE-2022-25795 | 1 Autodesk | 1 Autocad | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 may lead to remote code execution through maliciously crafted DWG files. | |||||