Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu libredwg vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-39521
An issue exists in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an malicious user to cause Denial of Service.
Gnu Libredwg
6.5
CVSSv3
CVE-2021-39523
An issue exists in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an malicious user to cause Denial of Service.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39528
An issue exists in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free.
Gnu Libredwg
7.5
CVSSv3
CVE-2023-26157
Versions of the package libredwg prior to 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39522
An issue exists in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39525
An issue exists in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39527
An issue exists in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-39530
An issue exists in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-42586
A heap buffer overflow exists in copy_bytes in decode_r2007.c in dwgread prior to 0.12.4 via a crafted dwg file.
Gnu Libredwg
6.5
CVSSv3
CVE-2021-45950
LibreDWG 0.12.4.4313 up to and including 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).
Gnu Libredwg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »