Lucene search
K

342 matches found

CVE
CVE
added 2024/09/30 8:30 p.m.71 views

CVE-2024-7675

CVE-2024-7675 affects Autodesk Navisworks (Navisworks Freedom/Manage/Simulate) where parsing a malicious DWF file triggers a Use-After-Free in w3dtk.dll, potentially allowing crash or arbitrary code execution in the current process. Exploitation is described as local with user interaction require...

7.8CVSS7.8AI score0.00213EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/30 8:30 p.m.19 views

CVE-2024-7675 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS0.00213EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/30 8:30 p.m.16 views

CVE-2024-7675 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS7.8AI score0.00213EPSS
Exploits0References1
CVE
CVE
added 2024/09/30 8:30 p.m.65 views

CVE-2024-7674

CVE-2024-7674 affects Autodesk Navisworks where parsing a DWFX file via dwfcore.dll can trigger a heap-based buffer overflow, enabling a crash or arbitrary code execution in the current process. Affected products are Navisworks components that parse DWFX; exploitation is described as impacting th...

7.8CVSS6.9AI score0.00228EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/30 8:30 p.m.16 views

CVE-2024-7674 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS6.9AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/30 8:30 p.m.27 views

CVE-2024-7674 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS0.00228EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/30 8:29 p.m.13 views

CVE-2024-7672 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current proce...

7.8CVSS6.9AI score0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/30 8:29 p.m.27 views

CVE-2024-7672 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current proce...

7.8CVSS0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/30 12:0 a.m.6 views

Autodesk Navisworks 缓冲区错误漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering, and construction from Autodesk, Inc. A buffer error vulnerability exists in Autodesk Navisworks version 2025, which stems from a maliciously crafted DWF file that can be forced to write out-of-bounds, and can be...

7.8CVSS7.4AI score0.00208EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/08/21 12:0 a.m.6 views

The vulnerability of the DWF File Handler component in the AdDwfPdk.dll library of the AutoCAD modeling, design, and drawing software allows a malicious actor to execute arbitrary code.

The vulnerability of the DWF File Handler component in the AdDwfPdk.dll library of the AutoCAD modeling, design, and drawing software involves executing operations beyond the buffer limits in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that t...

10CVSS7.7AI score0.00208EPSS
Exploits0References3Affected Software10
OSV
OSV
added 2024/08/20 12:15 a.m.3 views

CVE-2024-7305

A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS6.1AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2024/08/20 12:15 a.m.19 views

CVE-2024-7305

A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS0.00208EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/20 12:0 a.m.7 views

Autodesk AutoCAD DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DW...

7.8CVSS6.8AI score0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/19 11:28 p.m.21 views

CVE-2024-7305 DWF Vulnerability in Autodesk Desktop Software

A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS0.00208EPSS
Exploits0References1
CVE
CVE
added 2024/08/19 11:28 p.m.110 views

CVE-2024-7305

CVE-2024-7305 describes an Out-of-Bounds Write in AdDwfPdk.dll when parsing DWF files in Autodesk AutoCAD. The vulnerability arises in the DWF file handling code and can lead to a crash, data corruption, or arbitrary code execution in the context of the affected process. Evidence from multiple so...

7.8CVSS7.8AI score0.00208EPSS
Exploits0References1Affected Software11
Vulnrichment
Vulnrichment
added 2024/08/19 11:28 p.m.16 views

CVE-2024-7305 DWF Vulnerability in Autodesk Desktop Software

A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS7.8AI score0.00208EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.7 views

PT-2024-5660 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. This issue can be leveraged by a malicious act...

10CVSS7AI score0.00208EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2024/08/10 12:0 a.m.3 views

PT-2024-7801 · Autodesk · Autodesk Navisworks +1

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks affected versions not specified Description: A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. This issue allows a malicious actor to cause a...

7.8CVSS8.2AI score0.00228EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/08/10 12:0 a.m.2 views

PT-2024-7805 · Autodesk · Autodesk Navisworks

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks affected versions not specified Description: A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. This vulnerability can be leveraged by a...

7.8CVSS7.7AI score0.00208EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2024/02/07 12:0 a.m.32 views

Autodesk Design Review Multiple Vulnerabilities (adsk-sa-2021-0003)

The version of Autodesk Design Review installed on the remote Windows host is a version prior to 2018 hotfix 4. It is, therefore, affected by multiple vulnerabilities. - A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013,...

7.8CVSS8AI score0.02208EPSS
Exploits0References4
Rows per page
Query Builder