threat
engine
.sh
Back
·
··:··
Home
/
Product
/
autodesk civil 3d
Product
autodesk civil 3d
89 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-8894
>= 2024 and < 2024.1.8
A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A ma
7.8
HIGH
CVE-2025-8893
>= 2024 and < 2024.1.8
A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A m
7.8
HIGH
CVE-2025-5048
all versions
A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A mali
7.8
HIGH
CVE-2025-5047
all versions
A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicio
7.8
HIGH
CVE-2025-5046
all versions
A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A ma
7.8
HIGH
CVE-2025-1276
>= 2023 and < 2023.1.7
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability.
7.8
HIGH
CVE-2025-1275
>= 2023 and < 2023.1.7
A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulner
7.8
HIGH
CVE-2025-1652
>= 2022 and < 2022.1.6
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious
7.8
HIGH
CVE-2025-1651
>= 2022 and < 2022.1.6
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious
7.8
HIGH
CVE-2025-1650
>= 2022 and < 2022.1.6
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A
7.8
HIGH
CVE-2025-1649
>= 2022 and < 2022.1.6
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A
7.8
HIGH
CVE-2025-1433
>= 2022 and < 2022.1.6
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious
7.8
HIGH
CVE-2025-1432
>= 2022 and < 2022.1.6
A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor
7.8
HIGH
CVE-2025-1431
>= 2022 and < 2022.1.6
A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A maliciou
7.8
HIGH
CVE-2025-1430
>= 2022 and < 2022.1.6
A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious
7.8
HIGH
CVE-2025-1429
>= 2022 and < 2022.1.6
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious
7.8
HIGH
CVE-2025-1428
>= 2022 and < 2022.1.6
A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicio
7.8
HIGH
CVE-2025-1427
>= 2022 and < 2022.1.6
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A
7.8
HIGH
CVE-2024-8587
all versions
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vul
7.8
HIGH
CVE-2024-7305
>= 2022 and < 2022.1.6
A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerabili
7.8
HIGH
CVE-2024-37007
>= 2022 and < 2022.1.5
A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can cause a use-after-free vuln
7.8
HIGH
CVE-2024-37006
>= 2022 and < 2022.1.5
A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vu
7.8
HIGH
CVE-2024-37005
>= 2022 and < 2022.1.5
A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malic
7.8
HIGH
CVE-2024-37004
>= 2022 and < 2022.1.5
A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulner
7.8
HIGH
CVE-2024-37003
>= 2022 and < 2022.1.5
A maliciously crafted DWG and SLDPRT file, when parsed in opennurbs.dll and ODXSW_DLL.dll through Autodesk applications, can be us
7.8
HIGH
CVE-2024-36999
>= 2022 and < 2022.1.5
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A ma
7.8
HIGH
CVE-2024-23159
>= 2022 and < 2022.1.5
A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized v
7.8
HIGH
CVE-2024-23158
>= 2022 and < 2022.1.5
A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-
7.8
HIGH
CVE-2024-23157
>= 2022 and < 2022.1.5
A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corr
7.8
HIGH
CVE-2024-23156
>= 2022 and < 2022.1.5
A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memo
7.8
HIGH
CVE-2024-23155
>= 2022 and < 2022.1.5
A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-
7.8
HIGH
CVE-2024-23154
>= 2022 and < 2022.1.5
A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based O
7.8
HIGH
CVE-2024-23153
>= 2022 and < 2022.1.5
A maliciously crafted MODEL file, when parsed in libodx.dll through Autodesk applications, can force an Out-of-Bounds Read. A mali
7.8
HIGH
CVE-2024-23152
>= 2022 and < 2022.1.5
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Read. A mal
7.8
HIGH
CVE-2024-23151
>= 2022 and < 2022.1.5
A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerab
7.8
HIGH
CVE-2024-23150
>= 2022 and < 2022.1.5
A maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerabil
7.8
HIGH
CVE-2024-37002
>= 2022 and < 2022.1.5
A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variab
7.8
HIGH
CVE-2024-37001
>= 2022 and < 2022.1.5
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Over
7.8
HIGH
CVE-2024-37000
>= 2022 and < 2022.1.5
A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnera
7.8
HIGH
CVE-2024-23149
>= 2022 and < 2022.1.5
A maliciously crafted SLDDRW file, when parsed in ODXSW_DLL.dll through Autodesk applications, can force an Out-of-Bound Read. A m
7.8
HIGH
CVE-2024-23148
>= 2022 and < 2022.1.5
A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vu
7.8
HIGH
CVE-2024-23147
>= 2022 and < 2022.1.5
A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can
7.8
HIGH
CVE-2024-23146
>= 2022 and < 2022.1.5
A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk AutoCAD, may force an Out-of-Bounds W
7.8
HIGH
CVE-2024-23145
>= 2022 and < 2022.1.5
A maliciously crafted PRT file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bound Read. A mali
7.8
HIGH
CVE-2024-23144
>= 2022 and < 2022.1.5
A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bo
7.8
HIGH
CVE-2024-23143
>= 2022 and < 2022.1.5
A maliciously crafted 3DM, MODEL and X_B file, when parsed in ASMkern229A.dll and ASMBASE229A.dll through Autodesk applications, c
7.8
HIGH
CVE-2024-23142
>= 2022 and < 2022.1.5
A maliciously crafted CATPART, STP, and MODEL file, when parsed in atf_dwg_consumer.dll, rose_x64_vc15.dll and libodxdll through A
7.8
HIGH
CVE-2024-23141
>= 2022 and < 2022.1.5
A maliciously crafted MODEL file, when parsed in libodxdll through Autodesk applications, can cause a double free. This vulnerabil
7.8
HIGH
CVE-2024-23140
>= 2022 and < 2022.1.5
A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an
7.8
HIGH
CVE-2024-23138
>= 2021 and < 2021.1.4
A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious
7.8
HIGH
CVE-2024-23137
>= 2021 and < 2021.1.4
A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized
7.8
HIGH
CVE-2024-23136
>= 2021 and < 2021.1.4
A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untruste
7.8
HIGH
CVE-2024-23135
>= 2021 and < 2021.1.4
A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vuln
7.8
HIGH
CVE-2024-23134
>= 2021 and < 2021.1.4
A maliciously crafted IGS file in tbb.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This
7.8
HIGH
CVE-2024-23133
>= 2021 and < 2021.1.4
A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulne
7.8
HIGH
CVE-2024-23132
>= 2021 and < 2021.1.4
A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption v
7.8
HIGH
CVE-2024-23131
>= 2021 and < 2021.1.4
A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Aut
7.8
HIGH
CVE-2024-23130
>= 2021 and < 2021.1.4
A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corr
7.8
HIGH
CVE-2024-23129
>= 2021 and < 2021.1.4
A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a me
7.8
HIGH
CVE-2024-23128
>= 2021 and < 2021.1.4
A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a m
7.8
HIGH
CVE-2024-23127
>= 2021 and < 2021.1.4
A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications,
7.8
HIGH
CVE-2024-23126
>= 2021 and < 2021.1.4
A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflo
7.8
HIGH
CVE-2024-23125
>= 2021 and < 2021.1.4
A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk applications can be used to cause a Stack-based Overf
7.8
HIGH
CVE-2024-23124
>= 2021 and < 2021.1.4
A maliciously crafted STP file, when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulner
7.8
HIGH
CVE-2024-23123
>= 2021 and < 2021.1.4
A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bo
7.8
HIGH
CVE-2024-23122
>= 2021 and < 2021.1.4
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerabil
7.8
HIGH
CVE-2024-23121
>= 2021 and < 2021.1.4
A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerab
7.8
HIGH
CVE-2024-23120
>= 2021 and < 2021.1.4
A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may forc
7.8
HIGH
CVE-2024-0446
>= 2021 and < 2021.1.4
A maliciously crafted STP, CATPART or MODEL file, when parsed in ASMKERN228A.dll and ASMdatax229A.dll through Autodesk AutoCAD, ma
7.8
HIGH
CVE-2022-25788
>= 2022 and < 2022.1.2
A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. Th
7.8
HIGH
CVE-2022-27530
>= 2019 and < 2019.1.4
A maliciously crafted TIF or PICT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to write beyond the allocated buffer
7.8
HIGH
CVE-2022-27529
>= 2019 and < 2019.1.4
A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the alloca
7.8
HIGH
CVE-2022-25792
>= 2019 and < 2019.1.4
A maliciously crafted DXF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond
7.8
HIGH
CVE-2022-25791
>= 2019 and < 2019.1.4
A Memory Corruption vulnerability for DWF and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 m
7.8
HIGH
CVE-2022-25790
>= 2019 and < 2019.1.4
A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond
7.8
HIGH
CVE-2022-25789
>= 2019 and < 2019.1.4
A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vul
7.8
HIGH
CVE-2021-40159
>= 2022 and < 2022.1.2
An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnera
7.8
HIGH
CVE-2021-40158
>= 2022 and < 2022.1.2
A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated
7.8
HIGH
CVE-2021-40161
< 2019.1.4
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.
7.8
HIGH
CVE-2021-40160
>= 2022 and < 2022.1.1
PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This
7.8
HIGH
CVE-2021-27043
>= 2019 and < 2019.1.3
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write i
7.8
HIGH
CVE-2021-27042
>= 2019 and < 2019.1.3
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists
7.8
HIGH
CVE-2021-27041
>= 2019 and < 2019.1.3
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. This vulnerability can be
7.8
HIGH
CVE-2021-27040
>= 2019 and < 2019.1.3
A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can
3.3
LOW
CVE-2019-7364
all versions
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, Aut
7.8
HIGH
CVE-2019-7361
all versions
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code
7.8
HIGH
CVE-2019-7360
all versions
An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018
7.8
HIGH
CVE-2019-7359
all versions
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018
7.8
HIGH
CVE-2019-7358
all versions
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018,
7.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin