Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Gnu Subscribe
Filtered by product Libredwg
Total 86 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-36274 1 Gnu 1 Libredwg 2025-03-14 N/A 8.8 HIGH
LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
CVE-2023-36271 1 Gnu 1 Libredwg 2025-03-14 N/A 8.8 HIGH
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
CVE-2023-36272 1 Gnu 1 Libredwg 2025-03-14 N/A 8.8 HIGH
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
CVE-2023-36273 1 Gnu 1 Libredwg 2024-11-21 N/A 8.8 HIGH
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
CVE-2023-25222 1 Gnu 1 Libredwg 2024-11-21 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c.
CVE-2022-45332 1 Gnu 1 Libredwg 2024-11-21 N/A 7.8 HIGH
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
CVE-2022-35164 1 Gnu 1 Libredwg 2024-11-21 N/A 9.8 CRITICAL
LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.
CVE-2022-33034 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
CVE-2022-33033 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.
CVE-2022-33032 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.
CVE-2022-33028 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.
CVE-2022-33027 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.
CVE-2022-33026 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
CVE-2022-33025 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.
CVE-2022-33024 1 Gnu 1 Libredwg 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608.
CVE-2021-45950 1 Gnu 1 Libredwg 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).
CVE-2021-42586 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 8.8 HIGH
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
CVE-2021-42585 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 8.8 HIGH
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
CVE-2021-39530 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow.
CVE-2021-39528 1 Gnu 1 Libredwg 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free.