Vulnerabilities > Autodesk

DATE CVE VULNERABILITY TITLE RISK
2023-11-23 CVE-2023-29074 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write.
network
low complexity
autodesk CWE-787
critical
9.8
2023-11-23 CVE-2023-29075 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write.
network
low complexity
autodesk CWE-787
critical
9.8
2023-11-23 CVE-2023-29076 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk products
A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability.
network
low complexity
autodesk CWE-119
critical
9.8
2023-11-23 CVE-2023-41139 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk products
A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer.
local
low complexity
autodesk CWE-119
7.8
2023-11-23 CVE-2023-41140 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow.
local
low complexity
autodesk CWE-787
7.8
2023-11-23 CVE-2023-29073 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow.
network
low complexity
autodesk CWE-787
critical
9.8
2023-11-22 CVE-2023-29069 Uncontrolled Search Path Element vulnerability in Autodesk Desktop Connector
A maliciously crafted DLL file can be forced to install onto a non-default location, and attacker can overwrite parts of the product with malicious DLLs.
local
low complexity
autodesk CWE-427
7.8
2023-11-22 CVE-2023-41145 Unspecified vulnerability in Autodesk Customer Portal
Autodesk users who no longer have an active license for an account can still access cases for that account.
network
low complexity
autodesk
5.3
2023-11-22 CVE-2023-41146 Unspecified vulnerability in Autodesk Customer Portal
Autodesk Customer Support Portal allows cases created by users under an account to see cases created by other users on the same account.
network
low complexity
autodesk
4.3
2023-06-27 CVE-2023-25001 Use After Free vulnerability in Autodesk Navisworks 2022/2023
A maliciously crafted SKP file in Autodesk Navisworks 2023 and 2022 be used to trigger use-after-free vulnerability.
local
low complexity
autodesk CWE-416
7.8