Vulnerabilities > Autodesk > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-25 CVE-2021-40159 Information Exposure vulnerability in Autodesk products
An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.
local
low complexity
autodesk CWE-200
7.8
2022-01-25 CVE-2021-40167 Out-of-bounds Read vulnerability in Autodesk Design Review 2018
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation.
local
low complexity
autodesk CWE-125
7.8
2021-12-23 CVE-2021-40161 Out-of-bounds Write vulnerability in Autodesk products
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.
local
low complexity
autodesk CWE-787
7.8
2021-05-28 CVE-2021-27032 Incorrect Default Permissions vulnerability in Autodesk Licensing Services 9.0.1.1462.100
Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues.
local
low complexity
autodesk CWE-276
7.8
2017-01-25 CVE-2016-9307 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
network
low complexity
autodesk CWE-119
7.5
2017-01-25 CVE-2016-9306 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.
network
low complexity
autodesk CWE-119
7.5
2017-01-25 CVE-2016-9305 Data Processing Errors vulnerability in Autodesk FBX Software Development KIT
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers.
network
low complexity
autodesk CWE-19
7.5
2017-01-25 CVE-2016-9303 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files.
network
low complexity
autodesk CWE-119
7.5
2016-03-28 CVE-2016-2344 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk Backburner 2016.0.0.2150
Stack-based buffer overflow in manager.exe in Backburner Manager in Autodesk Backburner 2016 2016.0.0.2150 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted command.
network
low complexity
autodesk CWE-119
7.8
2014-02-22 CVE-2014-0818 Code Injection vulnerability in Autodesk Autocad
Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path.
network
low complexity
autodesk CWE-94
7.5