Lucene search
K
AutodeskVred

6 matches found

CVE
CVE
added 2023/06/23 12:0 a.m.89 views

CVE-2023-25003

CVE-2023-25003 affects Autodesk AutoCAD 2023 and Autodesk Maya 2022 via a malicious pskernel.dll that enables out-of-bounds read/write conditions, potentially leading to code execution. The issue is caused by a vulnerability in the pskernel.dll handling, with exploitation implied by references to...

7.8CVSS7.7AI score0.00251EPSS
CVE
CVE
added 2023/06/27 12:0 a.m.84 views

CVE-2023-29068

CVE-2023-29068 : A maliciously crafted file consumed through the Autodesk pskernel.dll can cause memory corruption, which in conjunction with other vulnerabilities could lead to code execution in the context of the current process. The issue is associated with Autodesk products using pskernel.dll...

7.8CVSS7.9AI score0.00236EPSS
CVE
CVE
added 2014/07/07 10:0 a.m.70 views

CVE-2014-2967

Autodesk VRED Pro 2014 (before SR1 SP8) is affected by an unauthenticated remote code execution via the built‑in web server’s Python API. An attacker can remotely execute arbitrary code by sending commands through the exposed Python API (using the os library) on the server (port 8888). Impact is ...

10CVSS8.1AI score0.05073EPSS
CVE
CVE
added 2023/06/27 12:0 a.m.68 views

CVE-2023-25002

CVE-2023-25002 concerns a use-after-free vulnerability triggered by a malicious SKP file in Autodesk products. Affected software is Autodesk products that process SKP files (e.g., Autodesk 3ds Max, Navisworks, SKP-related components) per multiple sources in the Connected set. Root cause is a use-...

7.8CVSS7.8AI score0.00349EPSS
CVE
CVE
added 2024/11/05 8:6 p.m.67 views

CVE-2024-7995

Autodesk VRED Design is affected by CVE-2024-7995, where a maliciously crafted binary file downloaded could exploit an untrusted search path to escalate privileges to NT AUTHORITY/SYSTEM, potentially enabling code execution. The condition is triggered by handling a downloaded binary within the VR...

7.8CVSS8AI score0.00201EPSS
CVE
CVE
added 2023/06/27 12:0 a.m.62 views

CVE-2023-25004

CVE-2023-25004 involves a maliciously crafted pskernel.dll in Autodesk products that triggers an integer overflow vulnerability, potentially enabling code execution. Connected advisories document affected Autodesk components such as InfraWorks and VRED variants and describe exploitation possibili...

7.8CVSS8AI score0.00236EPSS