Lucene search
K

342 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:54 p.m.11 views

CVE-2022-42933

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

7.8CVSS7.7AI score0.00338EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:39 p.m.6 views

CVE-2022-41310

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

7.8CVSS7.9AI score0.00365EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:35 p.m.6 views

CVE-2021-43280

A stack-based buffer overflow vulnerability exists in the DWF file reading procedure in Open Design Alliance Drawings SDK before 2022.8. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a stack-based buffer. An attacker can leverage thi...

7.8CVSS7.3AI score0.01837EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:46 p.m.6 views

CVE-2021-27037

A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to execute arbitrary code...

7.8CVSS7.3AI score0.01606EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 a.m.7 views

CVE-2019-7363

Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution...

7.8CVSS7.1AI score0.01298EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:43 a.m.16 views

CVE-2021-31499

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS6.8AI score0.01419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:42 a.m.15 views

CVE-2021-31491

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS6.8AI score0.01419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:41 a.m.19 views

CVE-2021-31482

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS6.8AI score0.01419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:28 a.m.13 views

CVE-2021-31483

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS6.8AI score0.01419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:26 a.m.9 views

CVE-2021-31492

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS6.8AI score0.01419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:1 p.m.12 views

CVE-2024-7305

A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS7.4AI score0.00208EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:49 a.m.11 views

CVE-2024-7675

A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS7.4AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:32 a.m.13 views

CVE-2024-7674

A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS7.5AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 10:20 a.m.12 views

CVE-2024-12670

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS7.3AI score0.00329EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/12/20 12:0 a.m.11 views

Autodesk Navisworks Manage 25.0.x < 2025.4 Multiple Vulnerabilities (adsk-sa-2024-0027)

The version of Autodesk Navisworks Manage installed on the remote host is prior to 2025.4. It is, therefore, affected by multiple vulnerabilities as referenced in the adsk-sa-2024-0027 advisory. - A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds...

7.8CVSS6.2AI score0.00468EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2024/12/20 12:0 a.m.17 views

Autodesk Navisworks Simulate 25.0.x < 2025.4 Multiple Vulnerabilities (adsk-sa-2024-0027)

The version of Autodesk Navisworks Simulate installed on the remote host is prior to 2025.4. It is, therefore, affected by multiple vulnerabilities as referenced in the adsk-sa-2024-0027 advisory. - A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Boun...

7.8CVSS6.2AI score0.00468EPSS
Exploits0References15
Zero Day Initiative
Zero Day Initiative
added 2024/12/19 12:0 a.m.14 views

Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.8AI score0.00262EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/12/19 12:0 a.m.13 views

Autodesk Navisworks Freedom DWF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.8AI score0.00329EPSS
Exploits0References1
NVD
NVD
added 2024/12/17 4:15 p.m.27 views

CVE-2024-12670

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS0.00329EPSS
Exploits0References1
NVD
NVD
added 2024/12/17 4:15 p.m.36 views

CVE-2024-12192

A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS0.00262EPSS
Exploits0References1
Rows per page
Query Builder