CVE-2024-23159

HIGH Year: 2024
CVSS v3 Score
8.8
High
Weakness Type
CWE-457
View all →

Vulnerability Description

A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.

Related Vulnerabilities

CVE-2023-6324

HIGH
CVSS:8.8(High)

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity

CWE-4572023

CVE-2024-6990

HIGH
CVSS:8.8(High)

Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security se...

CWE-4572024

CVE-2024-7022

HIGH
CVSS:8.8(High)

Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

CWE-4572024

CVE-2020-27124

HIGH
CVSS:8.6(High)

A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, lea...

CWE-4572020

CVE-2022-21217

CRITICAL
CVSS:9.1(Critical)

An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted network request can lead to an out-of-bounds write. An at...

CWE-4572022

CVE-2021-40418

CRITICAL
CVSS:9.8(Critical)

When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed fro...

CWE-4572021