Vulnerabilities > Autodesk > DWG Trueview

DATE CVE VULNERABILITY TITLE RISK
2022-10-07 CVE-2021-40165 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files.
local
low complexity
autodesk CWE-787
7.8
2022-10-07 CVE-2021-40166 Use After Free vulnerability in Autodesk products
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them.
local
low complexity
autodesk CWE-416
7.8
2022-04-13 CVE-2022-25797 Out-of-bounds Write vulnerability in Autodesk DWG Trueview 2021/2022
A maliciously crafted PDF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to dereference for a write beyond the allocated buffer while parsing PDF files.
local
low complexity
autodesk CWE-787
7.8
2022-04-13 CVE-2022-27523 Out-of-bounds Read vulnerability in Autodesk DWG Trueview
A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input.
network
autodesk CWE-125
5.8
2022-04-13 CVE-2022-27524 Out-of-bounds Read vulnerability in Autodesk DWG Trueview
An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input.
network
autodesk CWE-125
5.8
2021-06-25 CVE-2021-27040 Out-of-bounds Read vulnerability in multiple products
A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file.
4.3
2021-06-25 CVE-2021-27043 Out-of-bounds Write vulnerability in Autodesk products
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths.
network
autodesk CWE-787
6.8
2013-07-18 CVE-2013-3665 Unspecified vulnerability in Autodesk products
Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.
network
autodesk
6.8