507 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-31164
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via createlinewithspline. CVE-2025-31164 Note...
Linux Distros Unpatched Vulnerability : CVE-2021-32280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function computeclosedspline located in transspline.c. It allows an...
Linux Distros Unpatched Vulnerability : CVE-2025-31163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via putpatternarc function. CVE-2025-31163 Note...
Linux Distros Unpatched Vulnerability : CVE-2025-46397
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezierspline function. CVE-2025-46397 Note that...
Linux Distros Unpatched Vulnerability : CVE-2020-21529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fig2dev 3.2.7b contains a stack buffer overflow in the bezierspline function in genepic.c. CVE-2020-21529 Note that Nessus relies on the presence of the package...
Linux Distros Unpatched Vulnerability : CVE-2025-31162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via getslope function. CVE-2025-31162 Note...
Linux Distros Unpatched Vulnerability : CVE-2025-46398
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via readobjects function. CVE-2025-46398...
Linux Distros Unpatched Vulnerability : CVE-2020-21531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fig2dev 3.2.7b contains a global buffer overflow in the convpatternindex function in gencgm.c. CVE-2020-21531 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2025-46399
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via gengeitpspline function. CVE-2025-46399 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2025-46400
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...
Linux Distros Unpatched Vulnerability : CVE-2020-21532
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. CVE-2020-21532 Note that Nessus relies on the presence of the package ...
OESA-2025-1949 transfig security update
The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Security Fixes: ...
SUSE SLED15 / SLES15 Security Update : transfig (SUSE-SU-2025:01835-2)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01835-2 advisory. Update to fig2dev version 3.2.9a - CVE-2025-31162: Fixed a floating point exception in fig2dev in getslope...
Security update for transfig
This update for transfig fixes the following issues: Update to fig2dev version 3.2.9a CVE-2025-31162: Fixed a floating point exception in fig2dev in getslope function bsc1240380. CVE-2025-31163: Fixed a segmentation fault in fig2dev in putpatternarc function bsc1240381. CVE-2025-31164: Fixed a he...
SUSE-SU-2025:01835-2 Security update for transfig
This update for transfig fixes the following issues: Update to fig2dev version 3.2.9a - CVE-2025-31162: Fixed a floating point exception in fig2dev in getslope function bsc1240380. - CVE-2025-31163: Fixed a segmentation fault in fig2dev in putpatternarc function bsc1240381. - CVE-2025-31164: Fixe...
SUSE SLES12 Security Update : transfig (SUSE-SU-2025:01890-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01890-1 advisory. Update to fig2dev version 3.2.9a - CVE-2025-46397: Fixed a stack buffer overflow in fig2dev in bezierspline function bsc1243260. -...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Fig2dev vulnerabilities (USN-7587-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7587-1 advisory. Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automate...
Ubuntu: Security Advisory (USN-7587-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7587-1: Fig2dev vulnerabilities
Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu...
USN-7587-1 fig2dev vulnerabilities
Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu...