QSearchQSearch

CVE-2021-27033

8.1 HIGH

A maliciously crafted PDF file, when opened by a user in Autodesk Design Review, can trigger a Double Free vulnerability in the Autodesk ...

Published: 2021-07-09 · Last updated: 2026-06-19

Severity and scoring

CVSS
8.1 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CWE
CWE-415

Affected products

VendorProduct
autodeskdesign_review

Description

A maliciously crafted PDF file, when opened by a user in Autodesk Design Review, can trigger a Double Free vulnerability in the Autodesk Design Review application. A malicious actor may leverage this vulnerability to cause memory corruption and execute arbitrary code in the context of the current process.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-7454 A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability (7.8 HIGH)
  • CVE-2026-7453 A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-... (5.5 MEDIUM)
  • CVE-2026-7452 A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability (7.8 HIGH)
  • CVE-2026-7451 A maliciously crafted TIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability (7.8 HIGH)
  • CVE-2026-7450 A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability (5.5 MEDIUM)

Same CWE

  • CVE-2026-12043 Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor oper... (8.8 HIGH)
  • CVE-2026-46690 unbounded_spsc is an "unbounded" extension of bounded_spsc_queue (5.8 MEDIUM)
  • CVE-2026-35188 Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the status_request extension, tr... (5.0 MEDIUM)
  • CVE-2026-45324 Rizin is a UNIX-like reverse engineering framework and command-line toolset (3.3 LOW)
  • CVE-2026-44422 FreeRDP is a free implementation of the Remote Desktop Protocol (7.5 HIGH)