13 matches found
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Fig2dev vulnerabilities (USN-7587-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7587-1 advisory. Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automate...
USN-7587-1: Fig2dev vulnerabilities
Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu...
RHEL 7 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
RHEL 6 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
openSUSE 15 Security Update : transfig (openSUSE-SU-2021:1481-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1481-1 advisory. - fig2dev 3.2.7b contains a stack buffer overflow in the bezierspline function in genepic.c. CVE-2020-21529 - fig2dev 3.2.7b contains a...
SUSE SLED15 / SLES15 Security Update : transfig (SUSE-SU-2021:3584-1)
The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3584-1 advisory. Update to fig2dev version 3.2.8 Patchlevel 8b Aug 2021 - bsc1190618, CVE-2020-21529: stack buffer overflow in the bezierspline functio...
openSUSE 15 Security Update : transfig (openSUSE-SU-2021:3584-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3584-1 advisory. - fig2dev 3.2.7b contains a stack buffer overflow in the bezierspline function in genepic.c. CVE-2020-21529 - fig2dev 3.2.7b contains a...
SUSE: Security Advisory (SUSE-SU-2021:14823-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : transfig (SUSE-SU-2021:14823-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14823-1 advisory. - CVE-2021-3561: Fixed global buffer overflow in fig2dev/read.c in function readcolordef bsc1186329. - CVE-2019-19797: Fixed out-of-bounds wri...
CVE-2020-21680
creationtimestamp| type| source ---|---|--- 2021-08-11 00:37:28+00:00| seen| https://t.me/cibsecurity/27091 2025-06-24 15:38:05+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lsegik67mc2r...
CVE-2020-21680
A stack-based buffer overflow in the putarrow component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pict2e format...
CVE-2020-21680
A stack-based buffer overflow in the putarrow component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pict2e format...
CVE-2020-21680
CVE-2020-21680 is a vulnerability in fig2dev (Xfig) where a stack-based buffer overflow in the put_arrow() function in genpict2e.c of fig2dev 3.2.7b allows an attacker to cause a denial of service when converting a xfig file to pict2e format. Affected software is fig2dev 3.2.7b (and related 3.2.x...