Vulnerabilities > Autodesk > Navisworks

DATE CVE VULNERABILITY TITLE RISK
2024-09-30 CVE-2024-7670 Out-of-bounds Read vulnerability in Autodesk Navisworks 2025/2025.1/2025.2
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read.
local
low complexity
autodesk CWE-125
7.8
7.8
2024-09-30 CVE-2024-7671 Out-of-bounds Write vulnerability in Autodesk Navisworks 2025/2025.1/2025.2
A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write.
local
low complexity
autodesk CWE-787
7.8
7.8
2024-09-30 CVE-2024-7672 Out-of-bounds Write vulnerability in Autodesk Navisworks 2025/2025.1/2025.2
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write.
local
low complexity
autodesk CWE-787
7.8
7.8
2024-09-30 CVE-2024-7673 Out-of-bounds Write vulnerability in Autodesk Navisworks 2025/2025.1/2025.2
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow.
local
low complexity
autodesk CWE-787
7.8
7.8
2024-09-30 CVE-2024-7674 Out-of-bounds Write vulnerability in Autodesk Navisworks 2025/2025.1/2025.2
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow.
local
low complexity
autodesk CWE-787
7.8
7.8
2024-09-30 CVE-2024-7675 Use After Free vulnerability in Autodesk Navisworks 2025/2025.1/2025.2
A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free.
local
low complexity
autodesk CWE-416
7.8
7.8
2023-06-27 CVE-2023-25001 Use After Free vulnerability in Autodesk Navisworks 2022/2023
A maliciously crafted SKP file in Autodesk Navisworks 2023 and 2022 be used to trigger use-after-free vulnerability.
local
low complexity
autodesk CWE-416
7.8
7.8
2023-06-27 CVE-2023-25002 Use After Free vulnerability in Autodesk products
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability.
local
low complexity
autodesk CWE-416
7.8
7.8
2023-06-27 CVE-2023-25004 Integer Overflow or Wraparound vulnerability in Autodesk products
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities.
local
low complexity
autodesk CWE-190
7.8
7.8
2023-06-27 CVE-2023-29068 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities.
local
low complexity
autodesk CWE-787
7.8
7.8