CVE-2026-9501 GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section assertion

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

CVE-2010-20114 VariCAD EN <= 2010-2.05 .dwb File Stack Buffer Overflow

VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .dwb file to overwrite critical memory structures. This fla...

IrfanView CADImage Plugin Buffer Overflow Vulnerability (CNVD-2025-16730)

IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing DWG files, which can be exploited by an attacker to execute code in the context of the current...

IrfanView CADImage Plugin 缓冲区错误漏洞

IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing DWG files, which can be exploited by an attacker to execute code in the context of the current...

IrfanView CADImage Plugin 缓冲区错误漏洞

IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing DWG files, which can be exploited by an attacker to execute code in the context of the current...

IrfanView CADImage Plugin 缓冲区错误漏洞

IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing DWG files, which can be exploited by an attacker to execute code in the context of the current...

PT-2025-19688 · Git +1 · Libredwg

Name of the Vulnerable Software and Affected Versions: libdwg affected versions not specified Description: The software is susceptible to an index-out-of-bounds issue discovered through OSS-Fuzz testing. The crash occurs during the processing of .dwg files, specifically within the dwg decode eed,...

CVE-2024-23138

A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

libredwg Security Vulnerabilities

libredwg is a free implementation of the DWG file format. A security vulnerability exists in libredwg versions prior to 0.12.5.6384, which stems from an out-of-bounds read problem in section-numpages in decoder2007.c. The vulnerability is caused by a read-over-bounds problem in section-numpages...

CVE-2021-43336

An Out-of-Bounds Write vulnerability exists when reading a DXF or DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF and DWG files. Crafted data in a DXF or DWG file an invalid number of properties can trigger a write operation pas...

CVE-2021-31499

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2021-31490

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2021-25176

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack Crash, Exit, or Restart...

GNU LibreDWG Null Pointer Backreference Vulnerability

GNU LibreDWG is a GNU Project C library for working with DWG files. A null pointer back-reference vulnerability exists in the '.spec' function of the dwg.spec file in GNU LibreDWG version 0.7 and 0.7.1645. An attacker could exploit this vulnerability to cause a denial of service...

GNU LibreDWG null pointer back-reference vulnerability (CNVD-2019-12558)

GNU LibreDWG is a GNU Project C library for working with DWG files. A null pointer back-reference vulnerability exists in the 'dwgdxfLTYPE' function of the dwg.spec file in GNU LibreDWG version 0.7 and 0.7.1645. An attacker could exploit this vulnerability to cause a denial of service...

CVE-2011-0977

Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office...

CVE-2011-0977

Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office...