Lucene search
+L
AutodeskDwg Trueview

22 matches found

CVE
CVE
added 2024/08/19 11:28 p.m.113 views

CVE-2024-7305

CVE-2024-7305 describes an Out-of-Bounds Write in AdDwfPdk.dll when parsing DWF files in Autodesk AutoCAD. The vulnerability arises in the DWF file handling code and can lead to a crash, data corruption, or arbitrary code execution in the context of the affected process. Evidence from multiple so...

7.8CVSS7.8AI score0.00208EPSS
CVE
CVE
added 2013/07/18 2:0 p.m.103 views

CVE-2013-3665

CVE-2013-3665 affects Autodesk AutoCAD (2011–2014), AutoCAD LT (2011–2014) and DWG TrueView (2011–2014). The root cause is a bounds-checking failure when processing DWG files, which could allow an attacker to trigger arbitrary code execution via a specially crafted DWG file. Impact is remote code...

6.8CVSS7.6AI score0.02665EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.102 views

CVE-2021-40163

CVE-2021-40163 is a memory corruption vulnerability in Autodesk Image Processing component that can lead to code execution via a malicious DLL. The NVD entry notes local attack vector, user interaction required, with a base score of 7.8 (HIGH). The issue is repeatedly described across sources as ...

7.8CVSS7.8AI score0.00918EPSS
CVE
CVE
added 2021/06/25 12:41 p.m.101 views

CVE-2021-27040

CVE-2021-27040 is an out-of-bounds read in the DWG file parsing path that affects ICONICS GENESIS64 (and related components) when importing DWG data. Root cause described across sources as improper validation of user-supplied data leading to reading past allocated buffers, enabling potential arbi...

4.3CVSS4.2AI score0.02743EPSS
CVE
CVE
added 2022/04/13 12:0 a.m.93 views

CVE-2022-25797

CVE-2022-25797 affects Autodesk AutoCAD 2019–2022 where a crafted PDF can trigger a buffer-overflow when parsing, due to improper handling that leads to an unhandled exception. The issue is tied to the PDF-parsing path in AutoCAD/TrueView, with confirmed impact described as a write beyond the all...

7.8CVSS7.6AI score0.01149EPSS
CVE
CVE
added 2021/06/25 12:41 p.m.84 views

CVE-2021-27043

CVE-2021-27043 affects Autodesk DWG/AutoCAD components due to an Arbitrary Address Write vulnerability. The issue allows writing to unexpected paths caused by memory corruption, with exploitation described as requiring the victim to enable full page heap in the application. Public references from...

7.8CVSS7.5AI score0.00876EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.84 views

CVE-2021-40166

CVE-2021-40166 affects Autodesk Image Processing: parsing of a malicious PNG can trigger a use-after-free by freeing an object that has already been freed, potentially allowing arbitrary code execution. Documented impact is arbitrary code execution; no specific remediation/version fixes are state...

7.8CVSS7.8AI score0.00918EPSS
CVE
CVE
added 2022/04/13 5:6 p.m.83 views

CVE-2022-27524

CVE-2022-27524 concerns Autodesk TrueView 2022, where an out-of-bounds read vulnerability occurs while processing a maliciously crafted DWG file. The issue may lead to exposure of sensitive information or a crash, and, in conjunction with other vulnerabilities, could result in code execution in t...

7.1CVSS7AI score0.01384EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.80 views

CVE-2021-40162

CVE-2021-40162 affects Autodesk Image Processing: a vulnerability where parsing TIFF/PICT/TGA/RLC files may cause reads beyond allocated boundaries, enabling arbitrary code execution. Root cause is in the image-processing component's handling of external image formats. Impact is high (AV Local, U...

7.8CVSS7.7AI score0.00918EPSS
CVE
CVE
added 2022/04/13 5:6 p.m.80 views

CVE-2022-27523

CVE-2022-27523 describes a buffer over-read in Autodesk TrueView 2022 triggered by a maliciously crafted DWG file. The issue can lead to exposure of sensitive information or a crash, and, when combined with other vulnerabilities, could enable code execution in the context of the current process. ...

7.1CVSS7.1AI score0.01384EPSS
CVE
CVE
added 2025/04/15 8:54 p.m.77 views

CVE-2025-1275

The CVE-2025-1275 entry concerns a heap-based overflow in JPG parsing when linked or imported into Autodesk applications. The vulnerability affects Autodesk products using JPG handling in affected workflows (e.g., AutoCAD/Revit-related components) and can allow a malicious actor to crash the appl...

7.8CVSS7.8AI score0.00365EPSS
CVE
CVE
added 2024/10/29 9:44 p.m.76 views

CVE-2024-9489

CVE-2024-9489 involves Autodesk AutoCAD where parsing a malicious DWG file in ACAD.exe can trigger a memory corruption vulnerability. The description and related sources indicate possible outcomes include a crash, reading/writing sensitive data, or arbitrary code execution within the process cont...

7.8CVSS7.8AI score0.00207EPSS
CVE
CVE
added 2024/10/29 9:45 p.m.76 views

CVE-2024-9997

Autodesk AutoCAD is affected by CVE-2024-9997 due to a vulnerability in acdb25.dll when parsing a malicious DWG file, causing memory corruption that can crash the process or allow arbitrary code execution. The issue is detailed across multiple feeds (NVD, Red Hat, CIRCL, ZDI) with the impact desc...

7.8CVSS7.8AI score0.00207EPSS
CVE
CVE
added 2024/10/29 9:50 p.m.75 views

CVE-2024-7992

Autodesk AutoCAD and certain AutoCAD-based products are affected by CVE-2024-7992 due to parsing a malicious DWG file that can trigger a stack-based buffer overflow. The vulnerability may crash the process, allow reading of sensitive data, or execute arbitrary code in the current process. Descrip...

7.8CVSS7.8AI score0.00213EPSS
CVE
CVE
added 2024/10/29 9:43 p.m.74 views

CVE-2024-8896

CVE-2024-8896 affects Autodesk AutoCAD via a vulnerability in acdb25.dll when parsing malicious DXF files. Root cause: accessing an uninitialized variable in memory, enabling arbitrary code execution or crashes in the current process. Documented impacts include crashing and potential data leakage...

7.8CVSS7.8AI score0.00202EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.73 views

CVE-2021-40164

This CVE affects Autodesk Image Processing. A heap-based buffer overflow can occur while parsing TIFF, PICT, TGA, or RLC files, enabling arbitrary code execution. Root cause: improper handling during image parsing. Impact is high per sources; exploitation is possible when processing malformed ima...

7.8CVSS8AI score0.00932EPSS
CVE
CVE
added 2024/10/29 9:45 p.m.71 views

CVE-2024-9996

CVE-2024-9996 affects Autodesk AutoCAD (acdb25.dll) via parsing a malicious DWG file, causing an Out-of-Bounds Write that can crash, corrupt data or allow arbitrary code execution in the current process. Exploitation requires user interaction (per CVSS) and is local. The issue is discussed in ZDI...

7.8CVSS7.8AI score0.00207EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.70 views

CVE-2021-40165

Summary: CVE-2021-40165 affects Autodesk Image Processing components. A crafted TIFF/PICT/TGA/RLC file can cause a write past the allocated buffer during parsing, potentially allowing arbitrary code execution. The CVSSv3.1 base score is 7.8 (HIGH) with LOCAL attack vector, low attack complexity, ...

7.8CVSS7.9AI score0.00918EPSS
CVE
CVE
added 2024/10/29 9:49 p.m.70 views

CVE-2024-7991

CVE-2024-7991 concerns Autodesk AutoCAD (and AutoCAD-based products) where parsing a malicious DWG file can trigger an Out-of-Bounds Write, potentially crashing the application, corrupting data, or executing arbitrary code in the current process. Public sources in the provided set identify the vu...

7.8CVSS7.8AI score0.00187EPSS
CVE
CVE
added 2022/12/19 12:0 a.m.68 views

CVE-2022-42945

DWG TrueView 2023 contains a DLL search order hijacking vulnerability leading to remote code execution (CVE-2022-42945). Root cause: DLL search order manipulation. Affected product: Autodesk DWG TrueView 2023. Evidence from multiple sources confirms the issue; exploitation is described as remote ...

7.8CVSS7.9AI score0.00255EPSS
CVE
CVE
added 2025/04/15 8:55 p.m.66 views

CVE-2025-1276

CVE-2025-1276 : A maliciously crafted DWG file, when parsed by Autodesk applications, can trigger an Out-of-Bounds Write vulnerability. Impacted behavior includes a crash, data corruption, or arbitrary code execution in the context of the affected process. The root cause is an out-of-bounds write...

7.8CVSS7.8AI score0.00285EPSS
CVE
CVE
added 2024/03/17 11:56 p.m.48 views

CVE-2024-23138

CVE-2024-23138 affects Autodesk DWG TrueView. The issue arises when parsing a malicious DWG file, causing a stack-based overflow in the TrueView parser. Reported impact includes a crash, potential data exposure, or arbitrary code execution within the process context. The CVSSv3.1 base score is 7....

7.8CVSS7.7AI score0.0047EPSS