Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu libredwg vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-14524
dwg_decode_eed in decode.c in GNU LibreDWG prior to 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.
Gnu Libredwg
5
CVSSv2
CVE-2019-20909
An issue exists in GNU LibreDWG up to and including 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.
Gnu Libredwg
5.8
CVSSv2
CVE-2019-20910
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.
Gnu Libredwg
4.3
CVSSv2
CVE-2019-20911
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.
Gnu Libredwg
6.8
CVSSv2
CVE-2019-20912
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
Gnu Libredwg
5.8
CVSSv2
CVE-2019-20913
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.
Gnu Libredwg
7.5
CVSSv2
CVE-2019-20914
An issue exists in GNU LibreDWG up to and including 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.
Gnu Libredwg
5.8
CVSSv2
CVE-2019-20915
An issue exists in GNU LibreDWG up to and including 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.
Gnu Libredwg
6.8
CVSSv2
CVE-2021-42585
A heap buffer overflow exists in copy_compressed_bytes in decode_r2007.c in dwgread prior to 0.12.4 via a crafted dwg file.
Gnu Libredwg
NA
CVE-2023-25222
A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c.
Gnu Libredwg 0.12.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »