CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

507 matches found

CNNVD•added 2021/08/10 12:0 a.m.•0 views

Xfig fig2dev 缓冲区错误漏洞

fig2dev is used to convert .fig files to various graphics languages and formats. A global buffer overflow vulnerability exists in shadeortintnameafterdeclarecolor in genpstricks.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting th...

5.5CVSS6AI score0.00289EPSS

Exploits1References4

Positive Technologies•added 2021/08/10 12:0 a.m.•1 views

PT-2021-6724 · Fig2Dev · Fig2Dev

Name of the Vulnerable Software and Affected Versions: fig2dev version 3.2.7b Description: The issue is related to a global buffer overflow in the put font function of the genpict2e.c component in the fig2dev utility. This occurs when converting a xfig file into pict2e format without proper input...

7.1CVSS5.5AI score0.00322EPSS

Exploits1References11

CVE•added 2021/08/10 12:0 a.m.•78 views

CVE-2020-21676

CVE-2020-21676 is a stack-based buffer overflow in genpstrx_text() of fig2dev 3.2.7b, allowing denial of service when converting a xfig file to pstricks. Public advisories (Debian/Ubuntu) indicate fixes in later fig2dev releases (e.g., Debian 1:3.2.7a-5+deb10u5; Ubuntu USN-5864-1). Remediation: u...

5.5CVSS5.6AI score0.00678EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2021/08/10 12:0 a.m.•2 views

PT-2021-6546 · Fig2Dev +3 · Fig2Dev +3

Name of the Vulnerable Software and Affected Versions: fig2dev version 3.2.7b Description: A stack-based buffer overflow in the put arrow component in genpict2e.c of fig2dev allows attackers to cause a denial of service DOS via converting a xfig file into pict2e format. Recommendations: For fig2d...

7.8CVSS6.5AI score0.00508EPSS

Exploits20References126

Cvelist•added 2021/08/10 12:0 a.m.•19 views

CVE-2020-21676

A stack-based buffer overflow in the genpstrxtext component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pstricks format...

6AI score0.00678EPSS

Exploits1References4

CNNVD•added 2021/08/10 12:0 a.m.•3 views

Xfig fig2dev 缓冲区错误漏洞

fig2dev is used to convert .fig files to various graphics languages and formats. A buffer overflow vulnerability exists in the setcolor component of genge.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to ge format...

5.5CVSS6AI score0.00322EPSS

Exploits1References4

CNNVD•added 2021/08/10 12:0 a.m.•2 views

Xfig fig2dev 缓冲区错误漏洞

fig2dev is used to convert .fig files to various graphics languages and formats. A stack buffer overflow vulnerability exists in the genptktext component of genptk.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to pt...

5.5CVSS6AI score0.00619EPSS

Exploits1References6

CNNVD•added 2021/08/10 12:0 a.m.•2 views

Xfig fig2dev缓冲区错误漏洞

fig2dev is used to convert .fig files to various graphics languages and formats. A global buffer overflow vulnerability exists in the genmpwritefontmacrolatex component of genmp.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xf...

5.5CVSS6AI score0.00322EPSS

Exploits1References1

Positive Technologies•added 2021/08/10 12:0 a.m.•3 views

PT-2021-6723 · Fig2Dev +3 · Fig2Dev +3

Name of the Vulnerable Software and Affected Versions: fig2dev version 3.2.7b Description: A global buffer overflow in the set fill component in genge.c of fig2dev allows attackers to cause a denial of service DOS via converting a xfig file into ge format. This issue is related to the lack of inp...

7.8CVSS6.6AI score0.00508EPSS

Exploits20References125

Positive Technologies•added 2021/08/10 12:0 a.m.•2 views

PT-2021-6544 · Fig2Dev +3 · Fig2Dev +3

Name of the Vulnerable Software and Affected Versions: fig2dev version 3.2.7b Description: A global buffer overflow in the shade or tint name after declare color function in genpstricks.c allows attackers to cause a denial of service DOS via converting a xfig file into pstricks format. The issue ...

7.8CVSS6.6AI score0.00508EPSS

Exploits20References125

Debian CVE•added 2021/08/10 12:0 a.m.•20 views

CVE-2020-21676

A stack-based buffer overflow in the genpstrxtext component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pstricks format...

5.5CVSS5.5AI score0.00678EPSS

Exploits1

Positive Technologies•added 2021/08/10 12:0 a.m.•3 views

PT-2021-6497 · Fig2Dev +2 · Fig2Dev +2

Name of the Vulnerable Software and Affected Versions: fig2dev version 3.2.7b Description: The issue is related to a stack-based buffer overflow in the genptk text component of fig2dev, which can be exploited by converting a xfig file into ptk format. This allows a remote attacker to cause a deni...

7.8CVSS5.9AI score0.00678EPSS

Exploits14References73

CNVD•added 2021/05/27 12:0 a.m.•29 views

fig2dev buffer overflow vulnerability (CNVD-2021-86900)

Xfig fig2dev is a tool for printing and exporting .fig format files. A buffer overflow vulnerability exists in Fig2dev version 3.2.8a, which stems from a flawed boundary check in the program's read objects function, and can be exploited by an attacker to provide crafted, malicious input that can...

7.1CVSS6.8AI score0.00438EPSS

Exploits1References1

NVD•added 2021/05/26 10:15 p.m.•13 views

CVE-2021-3561

An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in readobjects could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as...

7.1CVSS0.00438EPSS

Exploits1References6