Total
85 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7305 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2025-07-30 | N/A | 7.8 HIGH |
| A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1276 | 1 Autodesk | 17 Advance Steel, Autocad, Autocad Architecture and 14 more | 2025-07-30 | N/A | 7.8 HIGH |
| A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-23138 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2025-07-29 | N/A | 7.8 HIGH |
| A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1431 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1432 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1433 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1649 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1650 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1651 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1652 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1275 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Architecture and 9 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1430 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1427 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1428 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1429 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-37000 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | N/A | 7.8 HIGH |
| A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | |||||
| CVE-2024-23149 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | N/A | 7.8 HIGH |
| A maliciously crafted SLDDRW file, when parsed in ODXSW_DLL.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-23148 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | N/A | 7.8 HIGH |
| A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | |||||
| CVE-2024-23147 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | N/A | 7.8 HIGH |
| A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | |||||
| CVE-2024-23146 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | N/A | 7.8 HIGH |
| A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||