CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

798 matches found

RedhatCVE•added 2026/06/16 1:31 p.m.•6 views

CVE-2026-6039

A flaw was found in LibreOffice. This vulnerability, a heap buffer overflow, occurs when processing specially crafted DXF Drawing Exchange Format polyline files. An attacker could exploit this by convincing a user to open a malicious DXF file, which may lead to a denial of service DoS due to...

6.9CVSS5.4AI score0.00157EPSS

Exploits0References4

NVD•added 2026/06/15 6:16 p.m.•11 views

CVE-2026-6039

LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit value when the point buffer was sized, while the full count was used to fill it, so a polyline whose...

6.9CVSS0.00157EPSS

Exploits0References1

CVE•added 2026/06/15 4:21 p.m.•9 views

CVE-2026-6039

CVE-2026-6039 affects LibreOffice DXF import: a heap buffer overflow occurs when importing a DXF polyline with a point count that exceeds 16-bit during buffer sizing, while the full count is used to fill the buffer. This mismatch allows writing past the end of the buffer. In fixed versions, such ...

6.9CVSS5.7AI score0.00157EPSS

Exploits0References1

Cvelist•added 2026/06/15 4:21 p.m.•29 views

CVE-2026-6039 Heap buffer overflow in DXF polyline import

6.9CVSS0.00157EPSS

Exploits0References1

EUVD•added 2026/06/15 4:21 p.m.•6 views

EUVD-2026-36734

6.9CVSS5.7AI score0.00157EPSS

Exploits0References1

Debian CVE•added 2026/06/15 4:21 p.m.•6 views

CVE-2026-6039

6.9CVSS5.6AI score0.00157EPSS

Exploits0

Tenable Nessus•added 2026/06/15 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-6039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from...

6.9CVSS6.2AI score0.00157EPSS

Exploits0References4

Positive Technologies•added 2026/06/15 12:0 a.m.•8 views

PT-2026-49262

6.9CVSS5.6AI score0.00157EPSS

Exploits0References2

RedhatCVE•added 2026/06/05 7:48 p.m.•7 views

CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS5.1AI score0.00143EPSS

Exploits0References1

Cvelist•added 2026/05/26 4:30 a.m.•40 views

CVE-2026-9530 GNU LibreDWG Dwgbmp Utility decode.c read_2004_compressed_section out-of-bounds

A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read2004compressedsection of the file src/decode.c of the component Dwgbmp Utility. Executing a manipulation can lead to out-of-bounds read. The attack requires local access. The exploit has been made...

4.8CVSS0.00143EPSS

Exploits0References7

CNNVD•added 2026/05/26 12:0 a.m.•9 views

GNU LibreDWG 安全漏洞

GNU LibreDWG is a C-language library from the GNU community in the United States that is used for processing DWG files. Versions of GNU LibreDWG prior to 0.14 contained security vulnerabilities. These vulnerabilities were caused by improper handling of the read2004compressedsection function in th...

4.8CVSS5.8AI score0.00143EPSS

Exploits0References7

Cvelist•added 2026/05/25 8:30 p.m.•21 views

CVE-2026-9501 GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section assertion

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

4.8CVSS0.00144EPSS

Exploits0References7

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol. Clients that use the /bpp:32 legacy GDI drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read vulnerabilities. Versions 3.5.0 and 2.11.6 address this issue. As a workaround, use modern...

9.8CVSS7.3AI score0.01922EPSS

Exploits0References2

SUSE CVE•added 2026/05/13 2:22 p.m.•7 views

SUSE CVE-2026-42309

Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursive...

8.6CVSS5.8AI score0.00133EPSS

Exploits0References3

Positive Technologies•added 2026/05/12 12:0 a.m.•8 views

PT-2026-40313

5.5CVSS5.8AI score0.00133EPSS

Exploits0References4

NVD•added 2026/05/09 6:16 a.m.•13 views

CVE-2026-42309

5.5CVSS0.00133EPSS

Exploits0References2