Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu libredwg vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-15807
GNU LibreDWG prior to 0.11 allows NULL pointer dereferences via crafted input files.
Gnu Libredwg
7.5
CVSSv3
CVE-2023-26157
Versions of the package libredwg prior to 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39522
An issue exists in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39525
An issue exists in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow.
Gnu Libredwg
6.5
CVSSv3
CVE-2021-45950
LibreDWG 0.12.4.4313 up to and including 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).
Gnu Libredwg
8.8
CVSSv3
CVE-2021-42585
A heap buffer overflow exists in copy_compressed_bytes in decode_r2007.c in dwgread prior to 0.12.4 via a crafted dwg file.
Gnu Libredwg
6.5
CVSSv3
CVE-2021-39521
An issue exists in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an malicious user to cause Denial of Service.
Gnu Libredwg
6.5
CVSSv3
CVE-2021-39523
An issue exists in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an malicious user to cause Denial of Service.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39527
An issue exists in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39528
An issue exists in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free.
Gnu Libredwg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »