Filtered by vendor Autodesk
Subscribe
Total
362 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-7453 | 1 Autodesk | 1 3ds Max | 2026-06-03 | N/A | 5.5 MEDIUM |
| A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition. | |||||
| CVE-2026-7450 | 1 Autodesk | 1 3ds Max | 2026-06-03 | N/A | 5.5 MEDIUM |
| A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition. | |||||
| CVE-2026-0661 | 1 Autodesk | 1 3ds Max | 2026-06-03 | N/A | 8.4 HIGH |
| A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2026-0660 | 1 Autodesk | 1 3ds Max | 2026-06-03 | N/A | 8.4 HIGH |
| A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2026-0538 | 1 Autodesk | 1 3ds Max | 2026-06-03 | N/A | 8.4 HIGH |
| A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2026-0537 | 1 Autodesk | 1 3ds Max | 2026-06-03 | N/A | 8.4 HIGH |
| A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2026-0535 | 1 Autodesk | 1 Fusion | 2026-06-03 | N/A | 8.1 HIGH |
| A maliciously crafted HTML payload, stored in a component’s description and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this vulnerability to read local files or execute arbitrary code in the context of the current process. | |||||
| CVE-2026-0534 | 1 Autodesk | 1 Fusion | 2026-06-03 | N/A | 8.1 HIGH |
| A maliciously crafted HTML payload, stored in a part’s attribute and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this vulnerability to read local files or execute arbitrary code in the context of the current process. | |||||
| CVE-2026-0533 | 1 Autodesk | 1 Fusion | 2026-06-03 | N/A | 8.1 HIGH |
| A maliciously crafted HTML payload in a design name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this vulnerability to read local files or execute arbitrary code in the context of the current process. | |||||
| CVE-2026-7451 | 1 Autodesk | 1 3ds Max | 2026-05-26 | N/A | 7.8 HIGH |
| A maliciously crafted TIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2026-7452 | 1 Autodesk | 1 3ds Max | 2026-05-26 | N/A | 7.8 HIGH |
| A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2026-7454 | 1 Autodesk | 1 3ds Max | 2026-05-26 | N/A | 7.8 HIGH |
| A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2016-9305 | 1 Autodesk | 1 Fbx Software Development Kit | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers. | |||||
| CVE-2016-9303 | 1 Autodesk | 1 Fbx Software Development Kit | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files. | |||||
| CVE-2016-9304 | 1 Autodesk | 1 Fbx Software Development Kit | 2026-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files. | |||||
| CVE-2016-9306 | 1 Autodesk | 1 Fbx Software Development Kit | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files. | |||||
| CVE-2016-9307 | 1 Autodesk | 1 Fbx Software Development Kit | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files. | |||||
| CVE-2015-8572 | 1 Autodesk | 1 Design Review | 2026-05-06 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a (1) BMP or (2) FLI file, (3) encoded scan lines in a PCX file, or (4) DataSubBlock or (5) GlobalColorTable in a GIF file. | |||||
| CVE-2014-3939 | 1 Autodesk | 1 Sketchbook Pro | 2026-05-06 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file. | |||||
| CVE-2014-9268 | 1 Autodesk | 1 Design Review | 2026-05-06 | 6.8 MEDIUM | N/A |
| The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file. | |||||