Filtered by vendor Autodesk
Subscribe
Total
171 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-27035 | 1 Autodesk | 1 Design Review | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A maliciously crafted TIFF, TIF, PICT, TGA, or DWF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA or DWF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
CVE-2021-27036 | 1 Autodesk | 1 Design Review | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A maliciously crafted PCX, PICT, RCL, TIF, BMP, PSD or TIFF file can be used to write beyond the allocated buffer while parsing PCX, PDF, PICT, RCL, BMP, PSD or TIFF files. This vulnerability can be exploited to execute arbitrary code | |||||
CVE-2021-27030 | 1 Autodesk | 1 Fbx Review | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX’s Review causing it to run arbitrary code on the system. | |||||
CVE-2021-27029 | 1 Autodesk | 1 Fbx Review | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX's Review version 1.5.0 and prior causing the application to crash leading to a denial of service. | |||||
CVE-2021-27032 | 1 Autodesk | 1 Licensing Services | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues. A malicious user with limited privileges could run any number of tools on a system to identify services that are configured with weak permissions and are running under elevated privileges. These weak permissions could allow all users on the operating system to modify the service configuration and take ownership of the service. | |||||
CVE-2021-27039 | 1 Autodesk | 2 Autocad, Design Review | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code. | |||||
CVE-2021-27027 | 1 Autodesk | 1 Fbx Review | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure. | |||||
CVE-2021-27038 | 1 Autodesk | 1 Design Review | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. A malicious actor can leverage this to execute arbitrary code. | |||||
CVE-2021-27031 | 1 Autodesk | 1 Fbx Review | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system. | |||||
CVE-2021-27043 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application. | |||||
CVE-2020-7084 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application. | |||||
CVE-2020-7081 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it. | |||||
CVE-2020-7082 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it. | |||||
CVE-2020-7083 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application. | |||||
CVE-2020-7085 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it. | |||||
CVE-2020-7080 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it. | |||||
CVE-2020-7079 | 1 Autodesk | 1 Dynamo Bim | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files. | |||||
CVE-2019-7365 | 1 Autodesk | 1 Autodesk Desktop | 2024-02-28 | 4.4 MEDIUM | 7.8 HIGH |
DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may then leverage a DLL preloading vulnerability and execute code on the system. | |||||
CVE-2019-7366 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system. | |||||
CVE-2019-7361 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. |