Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Autocad_plant_3d
(Autodesk)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 126 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-06-25 | CVE-2024-23152 | A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-23153 | A maliciously crafted MODEL file, when parsed in libodx.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-23158 | A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-23154 | A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-23155 | A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-23156 | A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-23157 | A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-37004 | A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-23159 | A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A | ||
| 2024-06-25 | CVE-2024-36999 | A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d | N/A |