Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Libredwg
Total 87 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-9771 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
CVE-2019-9777 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
CVE-2019-9778 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
CVE-2019-9772 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
CVE-2018-14471 1 Gnu 1 Libredwg 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.
CVE-2018-14524 1 Gnu 1 Libredwg 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.
CVE-2018-14443 1 Gnu 1 Libredwg 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV).