Total
7866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-9826 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8600 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8599 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8598 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8597 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8596 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8595 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8594 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8593 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8591 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8590 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8589 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8588 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2022-46764 | 2 Microsoft, Trueconf | 2 Windows, Server | 2025-04-11 | N/A | 9.8 CRITICAL |
| A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution. | |||||
| CVE-2023-31132 | 2 Cacti, Microsoft | 2 Cacti, Windows | 2025-04-11 | N/A | 7.8 HIGH |
| Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a privilege escalation vulnerability. A low-privileged OS user with access to a Windows host where Cacti is installed can create arbitrary PHP files in a web document directory. The user can then execute the PHP files under the security context of SYSTEM. This allows an attacker to escalate privilege from a normal user account to SYSTEM. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-30299 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-04-11 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30300 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-04-11 | N/A | 5.5 MEDIUM |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30301 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-04-11 | N/A | 5.5 MEDIUM |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30302 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-04-11 | N/A | 5.5 MEDIUM |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30303 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-04-11 | N/A | 5.5 MEDIUM |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||