Autodesk AutoCAD

CPE Details

Autodesk AutoCAD
autodesk
autocad
-
2007-08-23
19h05 +00:00
2007-09-14
15h36 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:autodesk:autocad:-:*:*:*:*:*:*:*

Informations

Vendor

autodesk

Product

autocad

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-33889 2022-10-03 12h22 +00:00 A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution.
7.8
High
CVE-2022-33890 2022-10-02 22h00 +00:00 A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
7.8
High
CVE-2022-25795 2022-04-12 22h00 +00:00 A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 may lead to remote code execution through maliciously crafted DWG files.
7.8
High
CVE-2021-40161 2021-12-23 17h31 +00:00 A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.
7.8
High
CVE-2021-27039 2021-07-09 12h18 +00:00 A maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code.
7.8
High
CVE-2014-0818 2014-02-22 20h00 +00:00 Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path.
7.5
CVE-2014-0819 2014-02-22 20h00 +00:00 Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
4.4
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.