Search
Total
21 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21839 | 1 Gnu | 1 Libredwg | 2022-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. | |||||
| CVE-2021-45950 | 1 Gnu | 1 Libredwg | 2022-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). | |||||
| CVE-2020-6610 | 2 Gnu, Opensuse | 3 Libredwg, Backports, Leap | 2022-01-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | |||||
| CVE-2021-39521 | 1 Gnu | 1 Libredwg | 2021-09-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-39523 | 1 Gnu | 1 Libredwg | 2021-09-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2020-23861 | 1 Gnu | 1 Libredwg | 2021-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file. | |||||
| CVE-2020-21815 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash). | |||||
| CVE-2020-21817 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash). | |||||
| CVE-2020-21834 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164. | |||||
| CVE-2020-21835 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337. | |||||
| CVE-2019-20013 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | |||||
| CVE-2019-20009 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | |||||
| CVE-2019-20015 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | |||||
| CVE-2019-20012 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. | |||||
| CVE-2020-15807 | 1 Gnu | 1 Libredwg | 2020-07-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files. | |||||
| CVE-2019-20911 | 1 Gnu | 1 Libredwg | 2020-07-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop. | |||||
| CVE-2020-6615 | 1 Gnu | 1 Libredwg | 2020-01-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | |||||
| CVE-2020-6611 | 1 Gnu | 1 Libredwg | 2020-01-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | |||||
| CVE-2018-14471 | 1 Gnu | 1 Libredwg | 2018-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file. | |||||
| CVE-2018-14443 | 1 Gnu | 1 Libredwg | 2018-08-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV). | |||||
| CVE-2018-14524 | 1 Gnu | 1 Libredwg | 2018-08-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs. | |||||