Filtered by vendor Autodesk
Subscriptions
Filtered by product Design Review
Subscriptions
Total
46 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-27871 | 1 Autodesk | 14 3ds Max, Advance Steel, Autocad and 11 more | 2024-08-03 | 7.8 High |
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code. | ||||
CVE-2022-27865 | 1 Autodesk | 1 Design Review | 2024-08-03 | 7.8 High |
A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code. | ||||
CVE-2022-27864 | 1 Autodesk | 1 Design Review | 2024-08-03 | 8.8 High |
A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | ||||
CVE-2022-27866 | 1 Autodesk | 1 Design Review | 2024-08-03 | 7.8 High |
A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
CVE-2022-27526 | 1 Autodesk | 1 Design Review | 2024-08-03 | 7.8 High |
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
CVE-2022-27525 | 1 Autodesk | 1 Design Review | 2024-08-03 | 7.8 High |
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. |