7.8
CVE-2024-23159 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
7.8
CVE-2024-23158 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
7.8
CVE-2024-23157 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
10
CVE-2024-6297 - Several WordPress.org Plugins <= Various Versions - Injected Backdoor
Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator usโฆ
7.8
CVE-2024-23156 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
7.8
CVE-2024-23155 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
7.8
CVE-2024-23154 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2024-23153 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted MODEL file, when parsed in libodx.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2024-23152 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2024-23151 - Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.