Vulnerabilities > Autodesk

DATE CVE VULNERABILITY TITLE RISK
2019-08-23 CVE-2019-7363 Use After Free vulnerability in Autodesk Design Review
Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018.
local
low complexity
autodesk CWE-416
7.8
7.8
2019-08-23 CVE-2019-7362 Uncontrolled Search Path Element vulnerability in Autodesk Design Review
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018.
local
low complexity
autodesk CWE-427
7.8
7.8
2019-04-09 CVE-2019-7361 Deserialization of Untrusted Data vulnerability in Autodesk products
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
local
low complexity
autodesk CWE-502
7.8
7.8
2019-04-09 CVE-2019-7360 Use After Free vulnerability in Autodesk products
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
local
low complexity
autodesk CWE-416
7.8
7.8
2019-04-09 CVE-2019-7359 Out-of-bounds Write vulnerability in Autodesk products
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
local
low complexity
autodesk CWE-787
7.8
7.8
2019-04-09 CVE-2019-7358 Out-of-bounds Write vulnerability in Autodesk products
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
local
low complexity
autodesk CWE-787
7.8
7.8
2017-01-25 CVE-2016-9307 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
network
low complexity
autodesk CWE-119
critical
 9.8
9.8
2017-01-25 CVE-2016-9306 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.
network
low complexity
autodesk CWE-119
critical
 9.8
9.8
2017-01-25 CVE-2016-9305 Data Processing Errors vulnerability in Autodesk FBX Software Development KIT
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers.
network
low complexity
autodesk CWE-19
critical
 9.8
9.8
2017-01-25 CVE-2016-9304 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files.
network
low complexity
autodesk CWE-119
8.8
8.8