Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu libredwg vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-36080
GNU LibreDWG 0.12.3.4163 up to and including 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
Gnu Libredwg
7.8
CVSSv3
CVE-2022-33025
LibreDWG v0.12.4.4608 exists to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.
Gnu Libredwg -
7.8
CVSSv3
CVE-2022-33026
LibreDWG v0.12.4.4608 exists to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
Gnu Libredwg -
7.8
CVSSv3
CVE-2022-33027
LibreDWG v0.12.4.4608 exists to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.
Gnu Libredwg -
7.8
CVSSv3
CVE-2022-33028
LibreDWG v0.12.4.4608 exists to contain a heap buffer overflow via the function dwg_add_object at decode.c.
Gnu Libredwg -
7.8
CVSSv3
CVE-2022-33032
LibreDWG v0.12.4.4608 exists to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.
Gnu Libredwg -
6.5
CVSSv3
CVE-2020-15807
GNU LibreDWG prior to 0.11 allows NULL pointer dereferences via crafted input files.
Gnu Libredwg
6.5
CVSSv3
CVE-2018-14443
get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote malicious users to cause a denial of service (SEGV).
Gnu Libredwg
6.5
CVSSv3
CVE-2018-14471
dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote malicious users to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.
Gnu Libredwg
6.5
CVSSv3
CVE-2018-14524
dwg_decode_eed in decode.c in GNU LibreDWG prior to 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.
Gnu Libredwg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »