Vulnerabilities > Autodesk > Design Review
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-03 | CVE-2022-33889 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. | 7.8 |
| 2022-10-03 | CVE-2022-33890 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. | 7.8 |
| 2022-06-21 | CVE-2022-27871 | Allocation of Resources Without Limits or Throttling vulnerability in Autodesk products Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. | 6.8 |
| 2022-04-18 | CVE-2022-27525 | Out-of-bounds Write vulnerability in Autodesk Design Review A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. | 7.8 |
| 2022-04-18 | CVE-2022-27526 | Out-of-bounds Write vulnerability in Autodesk Design Review A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. | 6.8 |
| 2022-01-25 | CVE-2021-40167 | Out-of-bounds Read vulnerability in Autodesk Design Review 2018 A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. | 7.8 |
| 2021-12-23 | CVE-2021-40160 | Out-of-bounds Read vulnerability in Autodesk products PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. | 6.8 |
| 2021-12-23 | CVE-2021-40161 | Out-of-bounds Write vulnerability in Autodesk products A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version. | 7.8 |
| 2021-07-09 | CVE-2021-27033 | Double Free vulnerability in Autodesk Design Review A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. | 6.8 |
| 2021-07-09 | CVE-2021-27034 | Out-of-bounds Write vulnerability in Autodesk Design Review A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011. | 6.8 |