Lucene search
K
AutodeskRevit

35 matches found

CVE
CVE
added 2022/10/07 12:0 a.m.97 views

CVE-2021-40163

CVE-2021-40163 is a memory corruption vulnerability in Autodesk Image Processing component that can lead to code execution via a malicious DLL. The NVD entry notes local attack vector, user interaction required, with a base score of 7.8 (HIGH). The issue is repeatedly described across sources as ...

7.8CVSS7.8AI score0.00242EPSS
CVE
CVE
added 2023/06/23 12:0 a.m.89 views

CVE-2023-25003

CVE-2023-25003 affects Autodesk AutoCAD 2023 and Autodesk Maya 2022 via a malicious pskernel.dll that enables out-of-bounds read/write conditions, potentially leading to code execution. The issue is caused by a vulnerability in the pskernel.dll handling, with exploitation implied by references to...

7.8CVSS7.7AI score0.00251EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.83 views

CVE-2021-40166

CVE-2021-40166 affects Autodesk Image Processing: parsing of a malicious PNG can trigger a use-after-free by freeing an object that has already been freed, potentially allowing arbitrary code execution. Documented impact is arbitrary code execution; no specific remediation/version fixes are state...

7.8CVSS7.8AI score0.00242EPSS
CVE
CVE
added 2023/06/27 12:0 a.m.83 views

CVE-2023-29068

CVE-2023-29068 : A maliciously crafted file consumed through the Autodesk pskernel.dll can cause memory corruption, which in conjunction with other vulnerabilities could lead to code execution in the context of the current process. The issue is associated with Autodesk products using pskernel.dll...

7.8CVSS7.9AI score0.00236EPSS
CVE
CVE
added 2021/12/23 6:31 p.m.82 views

CVE-2021-40161

Summary (CVE-2021-40161) : The issue affects PDFTron software; memory corruption can enable remote code execution when processing PDFs containing malicious DLL references. Root cause is errors in the mechanism that checks the path to dynamically loaded libraries (DLLs). Affected products are PDFT...

7.8CVSS7.8AI score0.01437EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.79 views

CVE-2021-40162

CVE-2021-40162 affects Autodesk Image Processing: a vulnerability where parsing TIFF/PICT/TGA/RLC files may cause reads beyond allocated boundaries, enabling arbitrary code execution. Root cause is in the image-processing component's handling of external image formats. Impact is high (AV Local, U...

7.8CVSS7.7AI score0.00242EPSS
CVE
CVE
added 2025/04/15 8:54 p.m.76 views

CVE-2025-1275

The CVE-2025-1275 entry concerns a heap-based overflow in JPG parsing when linked or imported into Autodesk applications. The vulnerability affects Autodesk products using JPG handling in affected workflows (e.g., AutoCAD/Revit-related components) and can allow a malicious actor to crash the appl...

7.8CVSS7.8AI score0.0034EPSS
CVE
CVE
added 2025/04/15 8:56 p.m.73 views

CVE-2025-1656

CVE-2025-1656 describes a Heap-Based Overflow in PDF parsing when linked or imported into Autodesk applications, leading to crash, data leakage, or arbitrary code execution in the current process. Multiple connected sources (NVD, Red Hat, CVE list, and Nessus plugin) consistently reference a PDF-...

7.8CVSS7.7AI score0.00244EPSS
CVE
CVE
added 2021/12/23 6:31 p.m.72 views

CVE-2021-40160

CVE-2021-40160 affects PDFTron before 9.0.7, where parsing a malicious PDF can read beyond allocated boundaries, enabling arbitrary code execution. The primary public details come from Autodesk/AutoCAD disclosures and ZDI notes: exploitation is possible via crafted PDF data, and some analyses ind...

7.8CVSS7.7AI score0.0154EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.72 views

CVE-2021-40164

This CVE affects Autodesk Image Processing. A heap-based buffer overflow can occur while parsing TIFF, PICT, TGA, or RLC files, enabling arbitrary code execution. Root cause: improper handling during image parsing. Impact is high per sources; exploitation is possible when processing malformed ima...

7.8CVSS8AI score0.00246EPSS
CVE
CVE
added 2022/06/21 2:23 p.m.72 views

CVE-2022-27871

CVE-2022-27871 affects Autodesk AutoCAD product suite, Revit, Design Review and Navisworks when using PDFTron prior to 9.1.17. The root cause is a boundary error while parsing PDF files, which can allow writing beyond the allocated buffer. This may enable arbitrary code execution on the affected ...

7.8CVSS8AI score0.00727EPSS
CVE
CVE
added 2024/12/09 5:42 p.m.71 views

CVE-2024-11268

CVE-2024-11268 concerns Autodesk Revit. A maliciously crafted PDF parsed by Revit can trigger an Out-of-Bounds Read, with the impact described as a crash or arbitrary memory leak. Documented measurements assign a Medium base score (CVSS 3.1) with local attack vector and user interaction required....

5.5CVSS5.4AI score0.00168EPSS
CVE
CVE
added 2025/04/15 8:58 p.m.70 views

CVE-2025-1274

Autodesk Revit is affected by CVE-2025-1274 via parsing of malicious RCS files, causing an Out-of-Bounds Write that can crash, corrupt data, or allow arbitrary code execution in the process. Affected product: Autodesk Revit (RCS parsing). Root cause: out-of-bounds write. Impact: crash, data corru...

7.8CVSS7.8AI score0.00204EPSS
CVE
CVE
added 2022/10/07 12:0 a.m.69 views

CVE-2021-40165

Summary: CVE-2021-40165 affects Autodesk Image Processing components. A crafted TIFF/PICT/TGA/RLC file can cause a write past the allocated buffer during parsing, potentially allowing arbitrary code execution. The CVSSv3.1 base score is 7.8 (HIGH) with LOCAL attack vector, low attack complexity, ...

7.8CVSS7.9AI score0.00242EPSS
CVE
CVE
added 2025/04/15 8:56 p.m.69 views

CVE-2025-1273

The CVE-2025-1273 issue affects Autodesk applications (notably when handling PDFs) due to a heap-based overflow in the PDF parsing path. A maliciously crafted PDF that is linked or imported can trigger a heap overflow, enabling a crash, potential data leakage, or arbitrary code execution within t...

7.8CVSS7.7AI score0.00191EPSS
CVE
CVE
added 2023/06/27 12:0 a.m.68 views

CVE-2023-25002

CVE-2023-25002 concerns a use-after-free vulnerability triggered by a malicious SKP file in Autodesk products. Affected software is Autodesk products that process SKP files (e.g., Autodesk 3ds Max, Navisworks, SKP-related components) per multiple sources in the Connected set. Root cause is a use-...

7.8CVSS7.8AI score0.00349EPSS
CVE
CVE
added 2024/12/09 5:53 p.m.68 views

CVE-2024-11608

CVE-2024-11608 relates to Autodesk Revit and is triggered by a maliciously crafted SKP file that is linked or imported into Revit, leading to a heap-based overflow. The vulnerability can allow a crash, reading of sensitive data, or execution of arbitrary code within the current process. Descripti...

7.8CVSS7.5AI score0.00196EPSS
CVE
CVE
added 2025/04/15 8:55 p.m.68 views

CVE-2025-2497

CVE-2025-2497 relates to Autodesk Revit parsing a malicious DWG file, causing a Stack-Based Buffer Overflow and enabling arbitrary code execution in the context of the current process. Affected product: Autodesk Revit (DWG parsing functionality). Root cause: stack-based overflow triggered during ...

7.8CVSS7.9AI score0.00296EPSS
CVE
CVE
added 2025/04/15 8:55 p.m.65 views

CVE-2025-1276

CVE-2025-1276 : A maliciously crafted DWG file, when parsed by Autodesk applications, can trigger an Out-of-Bounds Write vulnerability. Impacted behavior includes a crash, data corruption, or arbitrary code execution in the context of the affected process. The root cause is an out-of-bounds write...

7.8CVSS7.8AI score0.00265EPSS
CVE
CVE
added 2025/04/15 8:57 p.m.65 views

CVE-2025-1277

CVE-2025-1277 is a memory corruption vulnerability in Autodesk applications triggered when parsing malicious PDF files, enabling arbitrary code execution in the affected process. Public sources describe the root cause as a PDF parsing issue leading to memory corruption; the attack vector is Local...

7.8CVSS7.8AI score0.00244EPSS
CVE
CVE
added 2025/06/02 4:55 p.m.64 views

CVE-2025-5036

Autodesk Revit is affected by CVE-2025-5036 due to a Use-After-Free in RFA file parsing. A maliciously crafted RFA file linked or imported into Revit can crash the process, read sensitive data, or execute arbitrary code in the current process. Exploitation requires user interaction and local acce...

7.8CVSS7.7AI score0.00169EPSS
CVE
CVE
added 2023/06/27 12:0 a.m.62 views

CVE-2023-25004

CVE-2023-25004 involves a maliciously crafted pskernel.dll in Autodesk products that triggers an integer overflow vulnerability, potentially enabling code execution. Connected advisories document affected Autodesk components such as InfraWorks and VRED variants and describe exploitation possibili...

7.8CVSS8AI score0.00236EPSS
CVE
CVE
added 2024/12/09 5:48 p.m.62 views

CVE-2024-11454

CVE-2024-11454 is an untrusted search path vulnerability in Autodesk Revit. A maliciously crafted DLL placed in the same directory as an RVT file could be loaded by Revit, allowing arbitrary code execution in the current process due to an untrusted search path being used. The available documents ...

7.8CVSS7.8AI score0.00196EPSS
CVE
CVE
added 2024/10/16 9:47 p.m.62 views

CVE-2024-7994

CVE-2024-7994 affects Autodesk Revit via a stack-based buffer overflow in the parsing of RFA files. A maliciously crafted RFA file can cause a crash, potentially read sensitive data, or execute arbitrary code in the Revit process. Public details consistently identify the vulnerable component as t...

7.8CVSS7.7AI score0.00215EPSS
CVE
CVE
added 2024/08/21 10:2 a.m.61 views

CVE-2024-37008

The CVE describes a stack-based buffer overflow in Autodesk Revit triggered by parsing a malicious DWG file, enabling arbitrary code execution in the current process. Connected PT-Security data specifies affected Autodesk Revit versions prior to 2025 and provides remediation guidance: patch to fi...

7.8CVSS7.9AI score0.00235EPSS
CVE
CVE
added 2024/10/16 9:47 p.m.61 views

CVE-2024-7993

CVE-2024-7993 affects Autodesk Revit via a PDF parsing Out-of-Bounds Write. The vulnerability allows a malicious PDF to cause a crash, data corruption, or arbitrary code execution within the process. Impact : high (data confidentiality, integrity, availability affected). Access/Exploit : local at...

7.8CVSS7.8AI score0.00196EPSS
CVE
CVE
added 2006/02/10 11:0 a.m.59 views

CVE-2005-4710

Technical details for CVE-2005-4710 are not publicly available in the provided documents. Monitor for updates from official sources; no specific affected products, vulnerable components, exploits, or fixes are disclosed here.

4.6CVSS7AI score0.00593EPSS
CVE
CVE
added 2025/07/10 11:30 a.m.37 views

CVE-2025-5037

CVE-2025-5037 affects Autodesk Revit; a maliciously crafted RFA/RTE/RVT file can trigger a memory corruption vulnerability, enabling arbitrary code execution in the current process. The CVSS vector in the initial entry indicates local access, user interaction required, and high impact to confiden...

7.8CVSS7.1AI score0.00351EPSS
CVE
CVE
added 2025/07/24 5:11 p.m.36 views

CVE-2025-5039

The CVE-2025-5039 issue is described as a vulnerability in Autodesk applications where loading files with a maliciously crafted binary can trigger arbitrary code execution in the current process due to an untrusted search path. Affected products include Autodesk Navisworks Manage and other Autode...

7.8CVSS6.9AI score0.00175EPSS
CVE
CVE
added 2025/09/16 2:19 p.m.28 views

CVE-2025-8894

CVE-2025-8894 describes a heap-based overflow when parsing specially crafted PDF files in Autodesk products. The vulnerability affects Autodesk software that handles PDF parsing (e.g., Autodesk Revit and related components) and can lead to a crash, disclosure of sensitive data, or execution of ar...

7.8CVSS7.2AI score0.00162EPSS
CVE
CVE
added 2026/06/17 3:27 p.m.28 views

CVE-2026-1288

The CVE-2026-1288 entry concerns Autodesk Revit. A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Revit, can trigger a NULL pointer dereference in the processing path. Exploitation may crash the application, resulting in a denial-of-service condition. The pr...

5.5CVSS5.3AI score0.00116EPSS
CVE
CVE
added 2025/09/16 2:17 p.m.26 views

CVE-2025-8893

CVE-2025-8893 describes an Out-of-Bounds Write in Autodesk products triggered by parsing a malicious PDF. The issue affects Autodesk software that processes PDFs; root cause is a vulnerability in PDF parsing potentially allowing a local attacker to crash, corrupt data, or execute arbitrary code i...

7.8CVSS7.3AI score0.00162EPSS
CVE
CVE
added 2025/07/10 11:31 a.m.23 views

CVE-2025-5040

Autodesk Revit is affected by CVE-2025-5040: parsing a malicious RTE file can trigger a Heap-Based Overflow in the RTE parser, potentially causing a crash, reading sensitive data, or executing arbitrary code in the current process. Several connected sources corroborate heap overflow/RCE vectors v...

7.8CVSS7AI score0.00169EPSS
CVE
CVE
added 2025/07/22 4:2 p.m.19 views

CVE-2025-5042

CVE-2025-5042 concerns Autodesk Revit. A maliciously crafted RFA file parsed by Revit can trigger an Out-of-Bounds Read, potentially crashing the process, reading sensitive data, or executing arbitrary code in the current process context. This is evidenced across multiple connected sources descri...

7.8CVSS7.6AI score0.00163EPSS
CVE
CVE
added 2025/09/23 1:20 p.m.18 views

CVE-2025-8354

CVE-2025-8354 affects Autodesk Revit via a parsing-type confusion in RFA files. The vulnerability is triggered by a maliciously crafted RFA file, with exploitation described as leading to a crash, data corruption, or arbitrary code execution in the current process. CVSS 3.1 indicates a Local atta...

7.8CVSS7.3AI score0.00168EPSS