Search Results (46029 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-34185 1 Mackron 1 Miniaudio 2025-08-26 7.8 High
Miniaudio 0.10.35 has an integer-based buffer overflow caused by an out-of-bounds left shift in drwav_bytes_to_u32 in miniaudio.h
CVE-2024-7674 1 Autodesk 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more 2025-08-26 7.8 High
A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
CVE-2022-22121 1 Nocodb 1 Nocodb 2025-08-26 8 High
In NocoDB, versions 0.81.0 through 0.83.8 are affected by CSV Injection vulnerability (Formula Injection). A low privileged attacker can create a new table to inject payloads in the table rows. When an administrator accesses the User Management endpoint and exports the data as a CSV file and opens it, the payload gets executed.
CVE-2024-9997 1 Autodesk 14 Advance Steel, Autocad, Autocad Advance Steel and 11 more 2025-08-26 7.8 High
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-9489 1 Autodesk 14 Advance Steel, Autocad, Autocad Advance Steel and 11 more 2025-08-26 7.8 High
A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8600 2 Autodesk, Microsoft 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8599 2 Autodesk, Microsoft 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8598 2 Autodesk, Microsoft 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8597 2 Autodesk, Microsoft 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8594 2 Autodesk, Microsoft 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8592 2 Autodesk, Microsoft 13 Advance Steel, Autocad, Autocad Advance Steel and 10 more 2025-08-26 7.8 High
A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8591 2 Autodesk, Microsoft 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8589 2 Autodesk, Microsoft 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-8588 2 Autodesk, Microsoft 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-7992 1 Autodesk 14 Advance Steel, Autocad, Autocad Advance Steel and 11 more 2025-08-26 7.8 High
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-7673 1 Autodesk 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more 2025-08-26 7.8 High
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
CVE-2024-7670 1 Autodesk 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more 2025-08-26 7.8 High
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-37008 1 Autodesk 2 Revit, Revit Lt 2025-08-26 7.8 High
A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2024-7558 1 Canonical 1 Juju 2025-08-26 8.7 High
JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm.
CVE-2024-23132 1 Autodesk 12 Advance Steel, Autocad, Autocad Advance Steel and 9 more 2025-08-26 7.8 High
A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.