CVE-2026-9502

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...

CVE-2026-9501

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

CVE-2026-9500

A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read2004compressedsection of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The explo...

CVE-2026-9504 GNU LibreDWG Dwggrep Utility dwggrep.c bit_convert_TU out-of-bounds

A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bitconvertTU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public...

CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

CVE-2026-9501

CVE-2026-9501 affects GNU LibreDWG up to 0.14, specifically the Dwgread Utility’s src/decode.c decompress_R2004_section function. The vulnerability can cause a reachable assertion under local execution due to manipulation of input data. Exploitation status in the provided docs is not detailed bey...

CVE-2026-9500

GNU LibreDWG up to 0.14 is affected in the Dwgread Utility, specifically the read_2004_compressed_section in src/decode.c. The vulnerability is a heap-based buffer overflow triggered by manipulation, with local access required. The exploit is public, and the project has not publicly responded to ...

GNU LibreDWG 安全漏洞

GNU LibreDWG is a C language library for working with DWG files from the US GNU community. A security vulnerability exists in GNU LibreDWG version 0.14 and earlier versions, which stems from a reachable assertion in the decompressR2004section function of the src/decode.c file in the Dwgread Utili...

SUSE CVE-2018-14524

dwgdecodeeed in decode.c in GNU LibreDWG before 0.6 leads to a double free in dwgfreeeed in free.c because it does not properly manage the obj-eed value after a free occurs...

SUSE CVE-2019-9779

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwgdxfLTYPE at dwg.spec earlier than CVE-2019-9776...

SUSE CVE-2019-20009

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeSPLINEprivate in dwg.spec...

SUSE CVE-2019-20011

An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decodeR13R2000 in decode.c...

SUSE CVE-2019-20915

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bitwriteTF in bits.c...

SUSE CVE-2020-21815

A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via outputTEXT ../../programs/dwg2SVG.c:114, which causes a denial of service application crash...

SUSE CVE-2020-21819

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51...

SUSE CVE-2020-21830

A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bitcalcCRC ../../src/bits.c:2213...

SUSE CVE-2020-21836

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read2004sectionpreview ../../src/decode.c:3175...

SUSE CVE-2020-21838

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read2004sectionappinfo ../../src/decode.c:2842...

GNU LibreDWG 资源管理错误漏洞

GNU LibreDWG is a GNU community C library for working with DWG files. A resource management error vulnerability exists in LibreDWG version v0.12.4.4608, which stems from a post-release reuse condition in bitcopychain...

GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2020-04064)

LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in readpagesmap in decoder2007.c in GNU LibreDWG 0.9.3.2564. An attacker can exploit this vulnerability to cause a buffer overflow or heap overflow, among other things...