Filtered by vendor Gnu
Subscriptions
Filtered by product Libredwg
Subscriptions
Total
87 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26157 | 1 Gnu | 1 Libredwg | 2024-01-08 | 7.5 High |
| Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | ||||
| CVE-2023-36273 | 1 Gnu | 1 Libredwg | 2023-06-27 | 8.8 High |
| LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | ||||
| CVE-2023-36274 | 1 Gnu | 1 Libredwg | 2023-06-27 | 8.8 High |
| LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. | ||||
| CVE-2023-36271 | 1 Gnu | 1 Libredwg | 2023-06-27 | 8.8 High |
| LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. | ||||
| CVE-2023-36272 | 1 Gnu | 1 Libredwg | 2023-06-27 | 8.8 High |
| LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. | ||||
| CVE-2023-25222 | 1 Gnu | 1 Libredwg | 2023-03-10 | 8.8 High |
| A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c. | ||||
| CVE-2022-33026 | 1 Gnu | 1 Libredwg | 2023-01-23 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | ||||
| CVE-2022-33025 | 1 Gnu | 1 Libredwg | 2023-01-23 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c. | ||||
| CVE-2022-33032 | 1 Gnu | 1 Libredwg | 2023-01-23 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c. | ||||
| CVE-2022-33028 | 1 Gnu | 1 Libredwg | 2023-01-23 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c. | ||||
| CVE-2022-33027 | 1 Gnu | 1 Libredwg | 2023-01-23 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c. | ||||
| CVE-2022-45332 | 1 Gnu | 1 Libredwg | 2022-12-02 | 7.8 High |
| LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | ||||
| CVE-2020-21839 | 1 Gnu | 1 Libredwg | 2022-10-26 | 6.5 Medium |
| An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. | ||||
| CVE-2020-21827 | 1 Gnu | 1 Libredwg | 2022-10-26 | 7.8 High |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379. | ||||
| CVE-2018-14471 | 1 Gnu | 1 Libredwg | 2022-10-03 | N/A |
| dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file. | ||||
| CVE-2020-6615 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-09-12 | 6.5 Medium |
| GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | ||||
| CVE-2020-6609 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-09-12 | 8.8 High |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. | ||||
| CVE-2020-6611 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-09-12 | 6.5 Medium |
| GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | ||||
| CVE-2020-6612 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-09-12 | 8.1 High |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. | ||||
| CVE-2020-6613 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-09-12 | 8.1 High |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. | ||||