Total
86 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21818 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48. | |||||
| CVE-2020-21844 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. | |||||
| CVE-2020-21816 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46. | |||||
| CVE-2020-21835 | 1 Gnu | 1 Libredwg | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337. | |||||
| CVE-2020-21839 | 1 Gnu | 1 Libredwg | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. | |||||
| CVE-2020-23861 | 1 Gnu | 1 Libredwg | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file. | |||||
| CVE-2020-21832 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417. | |||||
| CVE-2020-21843 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318. | |||||
| CVE-2020-21840 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985. | |||||
| CVE-2020-21813 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114. | |||||
| CVE-2020-21830 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213. | |||||
| CVE-2019-20915 | 1 Gnu | 1 Libredwg | 2024-02-04 | 5.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c. | |||||
| CVE-2019-20914 | 1 Gnu | 1 Libredwg | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec. | |||||
| CVE-2019-20911 | 1 Gnu | 1 Libredwg | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop. | |||||
| CVE-2019-20912 | 1 Gnu | 1 Libredwg | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF. | |||||
| CVE-2019-20910 | 1 Gnu | 1 Libredwg | 2024-02-04 | 5.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011. | |||||
| CVE-2020-15807 | 1 Gnu | 1 Libredwg | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files. | |||||
| CVE-2019-20913 | 1 Gnu | 1 Libredwg | 2024-02-04 | 5.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec. | |||||
| CVE-2019-20909 | 1 Gnu | 1 Libredwg | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec. | |||||
| CVE-2019-20009 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | |||||