Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Autocad_plant_3d
(Autodesk)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 85 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-10-29 | CVE-2024-8595 | A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_mechanical, Autocad_mep, Autocad_plant_3d | 7.8 | ||
| 2024-10-29 | CVE-2024-8597 | A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_mechanical, Autocad_mep, Autocad_plant_3d | 7.8 | ||
| 2024-10-29 | CVE-2024-8599 | A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_mechanical, Autocad_mep, Autocad_plant_3d | 7.8 | ||
| 2024-10-29 | CVE-2024-8598 | A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_mechanical, Autocad_mep, Autocad_plant_3d | 7.8 | ||
| 2024-10-29 | CVE-2024-8600 | A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_mechanical, Autocad_mep, Autocad_plant_3d | 7.8 | ||
| 2024-10-29 | CVE-2024-8896 | A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Dwg_trueview | 7.8 | ||
| 2024-10-29 | CVE-2024-9489 | A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Dwg_trueview | 7.8 | ||
| 2024-10-29 | CVE-2024-9996 | A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Dwg_trueview | 7.8 | ||
| 2024-10-29 | CVE-2024-9997 | A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Dwg_trueview | 7.8 | ||
| 2019-08-23 | CVE-2019-7364 | DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution. | Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_p\&id, Autocad_plant_3d, Civil_3d | 7.8 |