Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Revit
(Autodesk)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 31 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-04-15 | CVE-2025-1273 | A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | Revit | 7.8 | ||
| 2025-04-15 | CVE-2025-1274 | A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | Revit | 7.8 | ||
| 2025-04-15 | CVE-2025-1275 | A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d, Dwg_trueview, Revit | 7.8 | ||
| 2025-04-15 | CVE-2025-1276 | A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d, Dwg_trueview, Infrastructure_parts_editor, Inventor, Navisworks_manage, Navisworks_simulate, Revit, Vault | N/A | ||
| 2025-04-15 | CVE-2025-1277 | A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | Revit | 7.8 | ||
| 2025-04-15 | CVE-2025-1656 | A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | Revit | 7.8 | ||
| 2025-04-15 | CVE-2025-2497 | A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | Revit | 7.8 | ||
| 2025-06-02 | CVE-2025-5036 | A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | Revit | N/A | ||
| 2025-07-10 | CVE-2025-5037 | A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | Revit | N/A | ||
| 2025-07-10 | CVE-2025-5040 | A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | Revit | N/A |