revit · threatengine.sh

CVE-2025-8354

>= 2026 and < 2026.3

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Type Confusion vulnerability. A malicious actor ma

7.8HIGH

CVE-2025-8894

>= 2025 and < 2025.4.3

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A ma

7.8HIGH

CVE-2025-8893

>= 2025 and < 2025.4.3

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A m

7.8HIGH

CVE-2025-5039

>= 2026 and < 2026.0.2

A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of a

7.8HIGH

CVE-2025-5042

>= 2026 and < 2026.2

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability. A malicious act

7.8HIGH

CVE-2025-5040

>= 2024 and < 2024.3.3

A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious act

7.8HIGH

CVE-2025-5037

>= 2024 and < 2024.3.3

A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A ma

7.8HIGH

CVE-2025-5036

>= 2024 and < 2024.3.3

A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious

7.8HIGH

CVE-2025-2497

>= 2024 and < 2024.3.2

A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malic

7.8HIGH

CVE-2025-1656

>= 2023 and < 2023.1.7

A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability.

7.8HIGH

CVE-2025-1277

>= 2023 and < 2023.1.7

A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A maliciou

7.8HIGH

CVE-2025-1276

>= 2024 and < 2024.1.7

A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability.

7.8HIGH

CVE-2025-1275

>= 2023 and < 2023.1.7

A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulner

7.8HIGH

CVE-2025-1274

>= 2023 and < 2023.1.7

A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious ac

7.8HIGH

CVE-2025-1273

>= 2023 and < 2023.1.7

A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability.

7.8HIGH

CVE-2024-11608

>= 2023 and < 2023.1.7

A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicio

7.8HIGH

CVE-2024-11454

>= 2025 and < 2025.4

A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute ar

7.8HIGH

CVE-2024-11268

>= 2024 and < 2024.3.1

A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverag

5.5MEDIUM

CVE-2024-7994

>= 2024 and < 2024.3

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can

7.8HIGH

CVE-2024-7993

>= 2024 and < 2024.2.2

A maliciously crafted PDF file, when parsed through Autodesk Revit, may force an Out-of-Bounds Write vulnerability. A malicious ac

7.8HIGH

CVE-2024-37008

all versions

A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this

7.8HIGH

CVE-2023-25002

all versions

A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerab

7.8HIGH

CVE-2023-29068

>= 2021 and < 2021.1.8

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabiliti

7.8HIGH

CVE-2023-25004

>= 2021 and < 2021.1.8

A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of

7.8HIGH

CVE-2023-25003

>= 2021 and < 2021.1.8

A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / re

7.8HIGH

CVE-2021-40166

>= 2019 and < 2019.2.4

A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already be

7.8HIGH

CVE-2021-40165

>= 2019 and < 2019.2.4

A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocate

7.8HIGH

CVE-2021-40164

>= 2019 and < 2019.2.4

A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execu

7.8HIGH

CVE-2021-40163

>= 2019 and < 2019.2.4

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processi

7.8HIGH

CVE-2021-40162

>= 2019 and < 2019.2.4

A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated b

7.8HIGH

CVE-2022-27871

all versions

Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to

7.8HIGH

CVE-2021-40161

< 2020.2.5

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.

7.8HIGH

CVE-2021-40160

>= 2020 and < 2020.2.5

PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This

7.8HIGH

CVE-2005-4710

all versions

Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attac

autodesk revit