This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Category Archives: Advisories
ZDI-22-477: Autodesk AutoCAD DWFX File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-476: Autodesk AutoCAD DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-475: Autodesk AutoCAD DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-474: Autodesk AutoCAD PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-473: Autodesk AutoCAD PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
DSA-5092 linux – security update
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
USN-5314-1: Firefox vulnerabilities
A use-after-free was discovered when removing an XSLT parameter in some
circumstances. If a user were tricked into opening a specially crafted
website, an attacker could exploit this to cause a denial of service, or
execute arbitrary code. (CVE-2022-26485)
A use-after-free was discovered in the WebGPU IPC framework. If a user
were tricked into opening a specially crafted website, an attacker could
exploit this to cause a denial of service, or execute arbitrary code.
(CVE-2022-26486)
DSA-5091 containerd – security update
Felix Wilhelm discovered that the containerd container runtime was
susceptible to information disclosure via malformed container images.
DSA-5090 firefox-esr – security update
Two security issues have been found in the Mozilla Firefox web browser,
which result in the execution of arbitrary code.