Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/25 12:0 a.m.5 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Fig2dev vulnerabilities (USN-7587-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7587-1 advisory. Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automate...

6.6CVSS6.2AI score0.00853EPSS
Exploits6References7
Ubuntu
Ubuntu
added 2025/06/23 2:35 a.m.6 views

USN-7587-1: Fig2dev vulnerabilities

Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu...

6.6CVSS6.1AI score0.00853EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 7 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

7.2AI score0.01381EPSS
Exploits16References18
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 6 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

7.1AI score0.01381EPSS
Exploits20References22
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.28 views

Amazon Linux AMI : transfig (ALAS-2023-1807)

The version of transfig installed on the remote host is prior to 3.2.7b-10.8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1807 advisory. 2024-06-07: CVE-2019-19797 was added to this advisory. An out-of-bounds write flaw was found in transfig in the way th...

5.5CVSS6.1AI score0.01221EPSS
Exploits7References16
Amazon
Amazon
added 2023/08/22 12:0 a.m.25 views

Medium: transfig

Issue Overview: An out-of-bounds write flaw was found in transfig in the way the fig2dev program handled the processing of Fig format files. Specifically, the flaw affects the translation process of Fig codes into the box graphics language. This flaw allows for potential exploitation by crashing...

5.5CVSS6.1AI score0.01221EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2023/07/26 12:0 a.m.21 views

Amazon Linux 2 : transfig (ALAS-2023-2173)

The version of transfig installed on the remote host is prior to 3.2.8b-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2173 advisory. 2023-08-03: CVE-2021-32280 was added to this advisory. A global buffer overflow in the setfill component in genge.c of...

5.5CVSS6.5AI score0.00949EPSS
Exploits2References6
Amazon
Amazon
added 2023/07/25 12:0 a.m.25 views

Medium: transfig

Issue Overview: 2023-08-03: CVE-2021-32280 was added to this advisory. A global buffer overflow in the setfill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ge format. CVE-2020-21682 An issue was discovered in fig2dev befo...

5.5CVSS6.1AI score0.00949EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2021/10/30 12:0 a.m.26 views

SUSE SLED15 / SLES15 Security Update : transfig (SUSE-SU-2021:3584-1)

The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3584-1 advisory. Update to fig2dev version 3.2.8 Patchlevel 8b Aug 2021 - bsc1190618, CVE-2020-21529: stack buffer overflow in the bezierspline functio...

5.5CVSS6.7AI score0.0109EPSS
Exploits12References37
Tenable Nessus
Tenable Nessus
added 2021/10/30 12:0 a.m.24 views

openSUSE 15 Security Update : transfig (openSUSE-SU-2021:3584-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3584-1 advisory. - fig2dev 3.2.7b contains a stack buffer overflow in the bezierspline function in genepic.c. CVE-2020-21529 - fig2dev 3.2.7b contains a...

5.5CVSS6.5AI score0.0109EPSS
Exploits12References37
OpenVAS
OpenVAS
added 2021/10/07 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2021:14823-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.9AI score0.01241EPSS
Exploits9References13
Tenable Nessus
Tenable Nessus
added 2021/10/07 12:0 a.m.27 views

SUSE SLES11 Security Update : transfig (SUSE-SU-2021:14823-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14823-1 advisory. - CVE-2021-3561: Fixed global buffer overflow in fig2dev/read.c in function readcolordef bsc1186329. - CVE-2019-19797: Fixed out-of-bounds wri...

7.1CVSS6.9AI score0.01241EPSS
Exploits9References29
RedhatCVE
RedhatCVE
added 2021/08/11 6:20 p.m.54 views

CVE-2020-21682

A global buffer overflow in the setfill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ge format...

5.5CVSS4.6AI score0.00853EPSS
Exploits1References4
OSV
OSV
added 2021/08/10 9:15 p.m.9 views

CVE-2020-21682

A global buffer overflow in the setfill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ge format...

5.5CVSS6AI score
Exploits0References1
NVD
NVD
added 2021/08/10 9:15 p.m.25 views

CVE-2020-21682

A global buffer overflow in the setfill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ge format...

5.5CVSS0.00853EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2021/08/10 9:15 p.m.19 views

CVE-2020-21682

A global buffer overflow in the setfill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ge format...

5.5CVSS7AI score0.00853EPSS
Exploits1References3
CVE
CVE
added 2021/08/10 8:19 p.m.105 views

CVE-2020-21682

CVE-2020-21682 affects fig2dev 3.2.7b (genge.c: set_fill) with a global buffer overflow that enables a denial-of-service when converting a crafted Fig file to ge format. Several vendors/advisories (Red Hat transfig, Amazon ALAS- family, openSUSE/OpenVAS) reference this CVE among a cluster of Fig2...

5.5CVSS5.6AI score0.00853EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder