Published: 13/04/2022 Updated: 21/04/2022

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Vulnerable Product	Search on Vulmon	Subscribe to Product
autodesk dwg trueview

Google Play pulls sneaky data-harvesting apps with 46m+ downloads

The Register • Jessica Lyons Hardcastle • 01 Jan 1970

Get our weekly newsletter Plus: Fox News learns to use database passwords, Autodesk patches high-severity bugs, and CISA says retire old D-Link routers

In brief Google pulled a slew of Android apps with more than 46 million downloads from its Google Play Store after security researchers notified the cloud giant that the code contained some sneaky data-harvesting code. Apps included a speed camera radar, several Muslim prayer apps, a QR scanner, a WiFi mouse tool, a weather app and others. A Panama-based company Measurement Systems developed the code, according to AppCensus co-founder Joel Reardon, whose mobile app testing firm discovered ...

CVE-2022-27523

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect