Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Gnu Subscribe
Filtered by product Libredwg
Total 87 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-26157 1 Gnu 1 Libredwg 2024-01-08 N/A 7.5 HIGH
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
CVE-2023-36273 1 Gnu 1 Libredwg 2023-06-27 N/A 8.8 HIGH
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
CVE-2023-36274 1 Gnu 1 Libredwg 2023-06-27 N/A 8.8 HIGH
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
CVE-2023-36271 1 Gnu 1 Libredwg 2023-06-27 N/A 8.8 HIGH
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
CVE-2023-36272 1 Gnu 1 Libredwg 2023-06-27 N/A 8.8 HIGH
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
CVE-2023-25222 1 Gnu 1 Libredwg 2023-03-10 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c.
CVE-2022-33026 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
CVE-2022-33025 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.
CVE-2022-33032 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.
CVE-2022-33028 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.
CVE-2022-33027 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.
CVE-2022-45332 1 Gnu 1 Libredwg 2022-12-02 N/A 7.8 HIGH
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
CVE-2020-21839 1 Gnu 1 Libredwg 2022-10-26 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.
CVE-2020-21827 1 Gnu 1 Libredwg 2022-10-26 6.8 MEDIUM 7.8 HIGH
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379.
CVE-2020-6615 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 4.3 MEDIUM 6.5 MEDIUM
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
CVE-2020-6609 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 6.8 MEDIUM 8.8 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
CVE-2020-6611 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 4.3 MEDIUM 6.5 MEDIUM
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
CVE-2020-6612 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
CVE-2020-6613 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.
CVE-2020-6614 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.