Vulnerabilities > Autodesk
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-27 | CVE-2023-25001 | Use After Free vulnerability in Autodesk Navisworks 2022/2023 A maliciously crafted SKP file in Autodesk Navisworks 2023 and 2022 be used to trigger use-after-free vulnerability. | 7.8 |
| 2023-06-27 | CVE-2023-25002 | Use After Free vulnerability in Autodesk products A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. | 7.8 |
| 2023-06-27 | CVE-2023-25004 | Integer Overflow or Wraparound vulnerability in Autodesk products A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. | 7.8 |
| 2023-06-27 | CVE-2023-29068 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. | 7.8 |
| 2023-06-23 | CVE-2023-27908 | Uncontrolled Search Path Element vulnerability in Autodesk Installer A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability. | 7.8 |
| 2023-06-23 | CVE-2023-25003 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. | 7.8 |
| 2023-05-12 | CVE-2023-25005 | Uncontrolled Search Path Element vulnerability in Autodesk Infraworks A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability. | 7.8 |
| 2023-05-12 | CVE-2023-25006 | Use After Free vulnerability in Autodesk 3DS MAX USD A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution. | 7.8 |
| 2023-05-12 | CVE-2023-25007 | Access of Uninitialized Pointer vulnerability in Autodesk 3DS MAX USD A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution. | 7.8 |
| 2023-05-12 | CVE-2023-25008 | Out-of-bounds Read vulnerability in Autodesk 3DS MAX USD A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds read vulnerability which could result in code execution. | 7.8 |