Filtered by vendor Autodesk
Subscriptions
Total
358 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10889 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-02-26 | 7.8 High |
| A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-10898 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-02-26 | 7.8 High |
| AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-10899 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-02-26 | 7.8 High |
| AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-10900 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-02-26 | 7.8 High |
| AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-37006 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2026-01-22 | 7.8 High |
| A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | ||||
| CVE-2024-37000 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2026-01-22 | 7.8 High |
| A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | ||||
| CVE-2024-23157 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2026-01-22 | 7.8 High |
| A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | ||||
| CVE-2024-23156 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2026-01-22 | 7.8 High |
| A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | ||||
| CVE-2024-23148 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2026-01-22 | 7.8 High |
| A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | ||||
| CVE-2024-23147 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2026-01-22 | 7.8 High |
| A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | ||||
| CVE-2024-12178 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2026-01-22 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23128 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-12-31 | 7.8 High |
| A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | ||||
| CVE-2024-23127 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-12-31 | 7.8 High |
| A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23126 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-12-31 | 7.8 High |
| A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23125 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-12-31 | 7.8 High |
| A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-11422 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-12-31 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23142 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-12-31 | 7.8 High |
| A maliciously crafted CATPART, STP, and MODEL file, when parsed in atf_dwg_consumer.dll, rose_x64_vc15.dll and libodxdll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | ||||
| CVE-2024-23141 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-12-31 | 7.8 High |
| A maliciously crafted MODEL file, when parsed in libodxdll through Autodesk applications, can cause a double free. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | ||||
| CVE-2024-23140 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-12-31 | 7.8 High |
| A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-23138 | 1 Autodesk | 17 Aautocad Lt, Advance Steel, Autocad and 14 more | 2025-12-31 | 7.8 High |
| A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||