Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu libredwg vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-14471
dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote malicious users to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.
Gnu Libredwg
6.5
CVSSv3
CVE-2018-14524
dwg_decode_eed in decode.c in GNU LibreDWG prior to 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-42586
A heap buffer overflow exists in copy_bytes in decode_r2007.c in dwgread prior to 0.12.4 via a crafted dwg file.
Gnu Libredwg
8.1
CVSSv3
CVE-2019-20910
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.
Gnu Libredwg
6.5
CVSSv3
CVE-2019-20911
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.
Gnu Libredwg
8.8
CVSSv3
CVE-2019-20912
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
Gnu Libredwg
8.1
CVSSv3
CVE-2019-20913
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.
Gnu Libredwg
9.8
CVSSv3
CVE-2019-20914
An issue exists in GNU LibreDWG up to and including 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.
Gnu Libredwg
8.8
CVSSv3
CVE-2021-36080
GNU LibreDWG 0.12.3.4163 up to and including 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
Gnu Libredwg
8.8
CVSSv3
CVE-2020-21816
A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46.
Gnu Libredwg 0.10.2641
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »