CVE-2025-31164

heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via createlinewithspline...

CVE-2025-31164

Fig2dev in version 3.2.9a is vulnerable to a heap-buffer overflow in create_line_with_spline (CVE-2025-31164). Attackers could exploit via locally manipulated input, as described in multiple advisories (e.g., SUSE, Debian, Mageia) that also reference related CVEs 31162/31163. Affected distributio...

fig2dev 安全漏洞

fig2dev is a simple tool from the Xfig open source. It is used to translate fig code from a named fig file into a specified graphics language. A security vulnerability exists in fig2dev version 3.2.9a, which stems from a heap buffer overflow in the createlinewithspline function that could lead to...

PT-2025-13563 · Xfig +4 · Xfig +4

Name of the Vulnerable Software and Affected Versions: xfig fig2dev version 3.2.9a Description: The issue is related to a segmentation fault in the fig2dev component of xfig, which can be triggered by manipulating local input via the put patternarc function. This can lead to a null pointer...

fig2dev 安全漏洞

fig2dev is a simple tool from the Xfig open source. It is used to translate fig code from a named fig file into a specified graphics language. A security vulnerability exists in fig2dev version 3.2.9a, which stems from a segmentation error in the putpatternarc function that could lead to a denial...

PT-2025-13562 · Fig2Dev +4 · Fig2Dev +4

Name of the Vulnerable Software and Affected Versions: fig2dev version 3.2.9a Description: The issue is related to a floating point exception in the fig2dev component, specifically in the get slope function. This exception can be triggered by an attacker through local input manipulation,...

fig2dev 安全漏洞

fig2dev is a simple tool from the Xfig open source. It is used to translate fig code from a named fig file into a specified graphics language. A security vulnerability exists in fig2dev version 3.2.9a, which stems from a floating-point exception in the getslope function that could lead to a denia...

Linux Distros Unpatched Vulnerability : CVE-2018-16140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...

PT-2025-17669

Name of the Vulnerable Software and Affected Versions fig2dev version 3.2.9a Description The issue allows an attacker possible code execution via local input manipulation through the bezier spline function. Recommendations For fig2dev version 3.2.9a, consider disabling the bezier spline function...

The vulnerability of the open_stream function in the file conversion utility for files with the .fig and .fig2dev extensions allows a malicious actor to cause a service failure by writing beyond the buffer boundaries in memory.

The vulnerability of the openstream function in the file conversion utility for files with the .fig and .fig2dev extensions is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the free_stream utility for converting files with the .fig and .fig2dev extensions involves a memory reclamation error, which allows an attacker to cause a service failure.

The vulnerability of the freestream function in the file conversion utility for files with the .fig and .fig2dev extensions is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to cause a service failure...

Medium: transfig

Issue Overview: An out-of-bounds write flaw was found in transfig in the way the fig2dev program handled the processing of Fig format files. Specifically, the flaw affects the translation process of Fig codes into the box graphics language. This flaw allows for potential exploitation by crashing...

Denial Of Service (DoS)

fig2dev is vulnerable to Denial Of Service DoS. The vulnerability exists due to the stack-based buffer overflow in the readtextobject function of read.c, allowing an attacker to cause an application crash by passing incorrect sscanf...

Denial Of Service (DoS)

fig2dev is vulnerable to Denial Of Service DoS. The vulnerability exists due to the stack-based buffer overflow in the calcarrow function of bound.c, allowing an attacker to cause an application crash...

SUSE CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

SUSE CVE-2018-16140

A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...

SUSE CVE-2019-14275

Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calcarrow function in bound.c...

SUSE CVE-2019-19555

readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...

SUSE CVE-2019-19746

makearrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type...

SUSE CVE-2019-19797

readcolordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write...