Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Autodesk Subscribe
Total 139 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27524 1 Autodesk 1 Dwg Trueview 2022-04-21 5.8 MEDIUM 7.1 HIGH
An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE-2022-27523 1 Autodesk 1 Dwg Trueview 2022-04-21 5.8 MEDIUM 7.1 HIGH
A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE-2022-27528 1 Autodesk 1 Navisworks 2022-04-19 6.8 MEDIUM 7.8 HIGH
A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
CVE-2022-25791 1 Autodesk 11 Advance Steel, Autocad, Autocad Architecture and 8 more 2022-04-19 4.4 MEDIUM 7.8 HIGH
A Memory Corruption vulnerability for DWF and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 may lead to code execution through maliciously crafted DLL files.
CVE-2022-25790 1 Autodesk 11 Advance Steel, Autocad, Autocad Architecture and 8 more 2022-04-19 6.8 MEDIUM 7.8 HIGH
A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated boundaries when parsing the DWF files. Exploitation of this vulnerability may lead to code execution.
CVE-2022-25789 1 Autodesk 10 Advance Steel, Autocad, Autocad Architecture and 7 more 2022-04-19 6.8 MEDIUM 7.8 HIGH
A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
CVE-2022-25792 1 Autodesk 11 Advance Steel, Autocad, Autocad Architecture and 8 more 2022-04-18 6.8 MEDIUM 7.8 HIGH
A maliciously crafted DXF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability can be exploited to execute arbitrary code.
CVE-2022-25796 1 Autodesk 1 Navisworks 2022-04-18 6.8 MEDIUM 7.8 HIGH
A Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
CVE-2021-27034 1 Autodesk 1 Design Review 2021-12-08 6.8 MEDIUM 7.8 HIGH
A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.
CVE-2021-27046 1 Autodesk 1 Navisworks 2021-09-28 4.4 MEDIUM 7.8 HIGH
A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files.
CVE-2021-27045 1 Autodesk 1 Navisworks 2021-09-28 6.8 MEDIUM 7.8 HIGH
A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
CVE-2021-40156 1 Autodesk 1 Navisworks 2021-09-28 6.8 MEDIUM 7.8 HIGH
A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.
CVE-2021-40155 1 Autodesk 1 Navisworks 2021-09-28 6.8 MEDIUM 7.8 HIGH
A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.
CVE-2021-27031 1 Autodesk 1 Fbx Review 2021-09-16 9.3 HIGH 7.8 HIGH
A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.
CVE-2021-27027 1 Autodesk 1 Fbx Review 2021-09-16 6.8 MEDIUM 7.8 HIGH
An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to code execution through maliciously crafted DLL files or information disclosure.
CVE-2021-27028 1 Autodesk 1 Fbx Review 2021-09-16 6.8 MEDIUM 7.8 HIGH
A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files.
CVE-2021-27030 1 Autodesk 1 Fbx Review 2021-09-16 9.3 HIGH 7.8 HIGH
A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX’s Review causing it to run arbitrary code on the system.
CVE-2021-27029 1 Autodesk 1 Fbx Review 2021-09-16 4.3 MEDIUM 5.5 MEDIUM
The user may be tricked into opening a malicious FBX file which may exploit a Null Pointer Dereference vulnerability in FBX's Review version 1.5.0 and prior causing the application to crash leading to a denial of service.
CVE-2019-7362 1 Autodesk 1 Design Review 2021-07-21 6.8 MEDIUM 7.8 HIGH
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution.
CVE-2019-7365 1 Autodesk 1 Autodesk Desktop 2021-07-21 4.4 MEDIUM 7.8 HIGH
DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may then leverage a DLL preloading vulnerability and execute code on the system.