Latest CVE Feed
-
10.0
CRITICALCVE-2024-51567
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST ... Read more
Affected Products : cyberpanel- Actively Exploited
- Published: Oct. 29, 2024
- Modified: Apr. 03, 2025
-
10.0
CRITICALCVE-2024-51378
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which... Read more
Affected Products : cyberpanel- Actively Exploited
- Published: Oct. 29, 2024
- Modified: Jul. 30, 2025
-
5.4
MEDIUMCVE-2024-50348
InstantCMS is a free and open source content management system. In photo upload function in the photo album page there is no input validation taking place. Due to this attackers are able to inject the XSS (Cross Site Scripting) payload and execute. This v... Read more
Affected Products : instantcms- Published: Oct. 29, 2024
- Modified: Nov. 06, 2024
-
7.8
HIGHCVE-2024-9997
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the conte... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +6 more products- Published: Oct. 29, 2024
- Modified: Apr. 04, 2025
-
7.8
HIGHCVE-2024-9996
A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +6 more products- Published: Oct. 29, 2024
- Modified: Feb. 10, 2025
-
7.8
HIGHCVE-2024-9827
A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-9826
A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-9489
A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +6 more products- Published: Oct. 29, 2024
- Modified: Nov. 01, 2024
-
7.8
HIGHCVE-2024-8896
A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code i... Read more
Affected Products : autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +6 more products- Published: Oct. 29, 2024
- Modified: Nov. 01, 2024
-
7.8
HIGHCVE-2024-8600
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in th... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8599
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in th... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8598
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in th... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8597
A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8596
A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code i... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8595
A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the con... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8594
A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in th... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8593
A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary co... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8592
A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code ... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep +3 more products- Published: Oct. 29, 2024
- Modified: Nov. 01, 2024
-
7.8
HIGHCVE-2024-8591
A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary ... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025
-
7.8
HIGHCVE-2024-8590
A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the contex... Read more
Affected Products : windows autocad advance_steel autocad_architecture autocad_civil_3d autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d +3 more products- Published: Oct. 29, 2024
- Modified: Apr. 11, 2025