Total
12951 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8597 | 2 Autodesk, Microsoft | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-08-26 | 7.8 High |
| A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8596 | 2 Autodesk, Microsoft | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-08-26 | 7.8 High |
| A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8594 | 2 Autodesk, Microsoft | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-08-26 | 7.8 High |
| A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8593 | 2 Autodesk, Microsoft | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-08-26 | 7.8 High |
| A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8592 | 2 Autodesk, Microsoft | 13 Advance Steel, Autocad, Autocad Advance Steel and 10 more | 2025-08-26 | 7.8 High |
| A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8591 | 2 Autodesk, Microsoft | 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more | 2025-08-26 | 7.8 High |
| A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-7992 | 1 Autodesk | 14 Advance Steel, Autocad, Autocad Advance Steel and 11 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-7991 | 1 Autodesk | 14 Advance Steel, Autocad, Autocad Advance Steel and 11 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-7673 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-7671 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-12670 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-37008 | 1 Autodesk | 2 Revit, Revit Lt | 2025-08-26 | 7.8 High |
| A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2024-37894 | 2 Redhat, Squid-cache | 3 Enterprise Linux, Rhel Eus, Squid | 2025-08-26 | 6.3 Medium |
| Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack. | ||||
| CVE-2024-12671 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-12669 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-12199 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-11422 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-12200 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-12198 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-12197 | 1 Autodesk | 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more | 2025-08-26 | 7.8 High |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||