Vulnerabilities > Autodesk > DWG Trueview
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-07 | CVE-2021-40165 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. | 7.8 |
2022-10-07 | CVE-2021-40166 | Use After Free vulnerability in Autodesk products A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. | 7.8 |
2022-04-13 | CVE-2022-25797 | Out-of-bounds Write vulnerability in Autodesk DWG Trueview 2021/2022 A maliciously crafted PDF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to dereference for a write beyond the allocated buffer while parsing PDF files. | 7.8 |
2022-04-13 | CVE-2022-27523 | Out-of-bounds Read vulnerability in Autodesk DWG Trueview A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. | 5.8 |
2022-04-13 | CVE-2022-27524 | Out-of-bounds Read vulnerability in Autodesk DWG Trueview An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. | 5.8 |
2021-06-25 | CVE-2021-27040 | Out-of-bounds Read vulnerability in multiple products A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. | 4.3 |
2021-06-25 | CVE-2021-27043 | Out-of-bounds Write vulnerability in Autodesk products An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. | 6.8 |
2013-07-18 | CVE-2013-3665 | Unspecified vulnerability in Autodesk products Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file. network autodesk | 6.8 |