EUVD-2024-36594

Malicious code in bioql PyPI...

CVE-2024-37002

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

The vulnerability of the ASMkern229A.dll library in the AutoCAD simulation, design, and drafting software allows a perpetrator to execute arbitrary code.

The vulnerability of the ASMkern229A.dll library in AutoCAD’s modeling, design, and drawing software relates to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created MODEL file...

Autodesk AutoCAD Memory Misreference Vulnerability

Autodesk AutoCAD is a set of professional 3D drawing software from the American Autodesk Corporation. A memory misreference vulnerability exists in Autodesk AutoCAD version 2024.1.4, which stems from a mix-up in the instructions responsible for freeing memory during the parsing of ASMKERN229A.dll...

CVE-2024-23151

A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

CVE-2024-23151 Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products

A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

CVE-2024-23147

A maliciously crafted CATPART, XB and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the...

CVE-2024-37004 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

CVE-2024-37002

CVE-2024-37002 concerns Autodesk AutoCAD: a vulnerability in parsing MODEL files via ASMkern229A.dll that can trigger use of uninitialized memory, potentially enabling code execution in the current process. The issue is tied to Autodesk AutoCAD’s MODEL handling and is described with an impact of ...

CVE-2024-37002 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

CVE-2024-37002 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

Autodesk AutoCAD Security Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from the US company Autodesk. A security vulnerability exists in Autodesk AutoCAD version 2024.1.5, which originates when the Autodesk application parses maliciously crafted 3DM files in opennurbs.dll and ASMkern229A.dll, and can cau...