Export limit exceeded: 349378 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349378 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0875 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2026-0874 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2026-31757 | 1 Linux | 1 Linux Kernel | 2026-05-08 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usb_submit_urb() fails in usbio_probe(), the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to err_free_urb label to properly release the URB on the error path. | ||||
| CVE-2025-9460 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-9459 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-9458 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-9457 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-9456 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-9455 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-9454 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-9453 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2026-31758 | 1 Linux | 1 Linux Kernel | 2026-05-08 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmc_release When calling usbtmc_release, pending anchored URBs must be flushed or killed to prevent use-after-free errors (e.g. in the HCD giveback path). Call usbtmc_draw_down() to allow anchored URBs to be completed. | ||||
| CVE-2025-9452 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-8892 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2026-05-08 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-7675 | 1 Autodesk | 17 3ds Max, Advance Steel, Autocad and 14 more | 2026-05-08 | 7.8 High |
| A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2026-43026 | 1 Linux | 1 Linux Kernel | 2026-05-08 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent ctnetlink_alloc_expect() allocates expectations from a non-zeroing slab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not present in the netlink message, saved_addr and saved_proto are never initialized. Stale data from a previous slab occupant can then be dumped to userspace by ctnetlink_exp_dump_expect(), which checks these fields to decide whether to emit CTA_EXPECT_NAT. The safe sibling nf_ct_expect_init(), used by the packet path, explicitly zeroes these fields. Zero saved_addr, saved_proto and dir in the else branch, guarded by IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when NAT is enabled. Confirmed by priming the expect slab with NAT-bearing expectations, freeing them, creating a new expectation without CTA_EXPECT_NAT, and observing that the ctnetlink dump emits a spurious CTA_EXPECT_NAT containing stale data from the prior allocation. | ||||
| CVE-2025-7497 | 1 Autodesk | 17 3ds Max, Advance Steel, Autocad and 14 more | 2026-05-08 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-6637 | 1 Autodesk | 17 3ds Max, Advance Steel, Autocad and 14 more | 2026-05-08 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2026-31759 | 1 Linux | 1 Linux Kernel | 2026-05-08 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix double free in ulpi_register_interface() error path When device_register() fails, ulpi_register() calls put_device() on ulpi->dev. The device release callback ulpi_dev_release() drops the OF node reference and frees ulpi, but the current error path in ulpi_register_interface() then calls kfree(ulpi) again, causing a double free. Let put_device() handle the cleanup through ulpi_dev_release() and avoid freeing ulpi again in ulpi_register_interface(). | ||||
| CVE-2025-6636 | 1 Autodesk | 17 3ds Max, Advance Steel, Autocad and 14 more | 2026-05-08 | 7.8 High |
| A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||