Vulnerabilities > Autodesk > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-03 CVE-2022-33888 Out-of-bounds Write vulnerability in Autodesk products
A malicious crafted Dwg2Spd file when processed through Autodesk DWG application could lead to memory corruption vulnerability by write access violation.
local
low complexity
autodesk CWE-787
7.8
2022-10-03 CVE-2022-33889 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer.
local
low complexity
autodesk CWE-787
7.8
2022-10-03 CVE-2022-33890 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation.
local
low complexity
autodesk CWE-787
7.8
2022-10-03 CVE-2022-41301 Out-of-bounds Write vulnerability in Autodesk Subassembly Composer
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation.
local
low complexity
autodesk CWE-787
7.8
2022-08-10 CVE-2022-25793 Improper Validation of Specified Quantity in Input vulnerability in Autodesk 3DS MAX 2021/2021.3.8/2022
A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022, 2021, and 2020 may lead to code execution through the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer when parsing ActionScript Byte Code files.
local
low complexity
autodesk CWE-1284
7.8
2022-07-29 CVE-2022-27864 Double Free vulnerability in Autodesk Design Review
A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations.
network
low complexity
autodesk CWE-415
8.8
2022-07-29 CVE-2022-27865 Out-of-bounds Write vulnerability in Autodesk Design Review
A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files.
local
low complexity
autodesk CWE-787
7.8
2022-07-29 CVE-2022-27866 Out-of-bounds Read vulnerability in Autodesk Design Review
A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file.
local
low complexity
autodesk CWE-125
7.8
2022-07-29 CVE-2022-27873 XXE vulnerability in Autodesk Fusion 360
An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360’s document parser.
local
low complexity
autodesk CWE-611
7.8
2022-07-29 CVE-2022-33881 Out-of-bounds Read vulnerability in Autodesk products
Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boundaries.
local
low complexity
autodesk CWE-125
7.8