Lucene search
K

16992 matches found

OSV
OSV
added 2019/12/27 1:15 a.m.21 views

CVE-2019-20009

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeSPLINEprivate in dwg.spec...

6.5CVSS6.7AI score
Exploits0References5
Prion
Prion
added 2019/12/27 1:15 a.m.17 views

Memory corruption

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeHATCHprivate in dwg.spec...

4.3CVSS6.3AI score0.01358EPSS
Exploits1References4Affected Software3
Prion
Prion
added 2019/12/27 1:15 a.m.14 views

Design/Logic Flaw

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode3dsolid in dwg.spec...

4.3CVSS6.3AI score0.01373EPSS
Exploits1References5Affected Software3
Prion
Prion
added 2019/12/27 1:15 a.m.17 views

Design/Logic Flaw

An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolveobjectrefvector in decode.c...

6.8CVSS8.6AI score0.01429EPSS
Exploits1References4Affected Software3
Prion
Prion
added 2019/12/27 1:15 a.m.14 views

Memory corruption

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeLWPOLYLINEprivate in dwg.spec...

4.3CVSS6.3AI score0.01358EPSS
Exploits1References4Affected Software3
Prion
Prion
added 2019/12/27 1:15 a.m.18 views

Double free

An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwgfree in free.c...

6.8CVSS8.5AI score0.01487EPSS
Exploits1References5Affected Software3
Prion
Prion
added 2019/12/27 1:15 a.m.20 views

Heap overflow

An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decodeR13R2000 in decode.c...

6.8CVSS8AI score0.0147EPSS
Exploits1References4Affected Software3
Prion
Prion
added 2019/12/27 1:15 a.m.16 views

Memory corruption

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeSPLINEprivate in dwg.spec...

4.3CVSS6.3AI score0.01373EPSS
Exploits1References5Affected Software3
CVE
CVE
added 2019/12/27 12:15 a.m.180 views

CVE-2019-20009

CVE-2019-20009 affects GNU LibreDWG prior to 0.93. The issue arises from crafted input causing an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec, leading to memory exhaustion. Multiple connected advisories (openSUSE/SUSE) document the vulnerability and confirm reme...

6.5CVSS7.4AI score0.01373EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:15 a.m.23 views

CVE-2019-20009

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeSPLINEprivate in dwg.spec...

7.6AI score0.01373EPSS
Exploits1References5
CVE
CVE
added 2019/12/27 12:15 a.m.185 views

CVE-2019-20011

CVE-2019-20011 is a heap-based buffer over-read in GNU LibreDWG up to version 0.9.3 (decode_R13_R2000 in decode.c). OpenSUSE/SUSE advisories indicate this was addressed by releasing LibreDWG 0.9.3 with overflow checks and related fixes, and other documents corroborate the same vulnerability class...

8.8CVSS8.2AI score0.0147EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:15 a.m.27 views

CVE-2019-20011

An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decodeR13R2000 in decode.c...

8.7AI score0.0147EPSS
Exploits1References4
Cvelist
Cvelist
added 2019/12/27 12:15 a.m.28 views

CVE-2019-20012

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeHATCHprivate in dwg.spec...

7.6AI score0.01358EPSS
Exploits1References4
CVE
CVE
added 2019/12/27 12:15 a.m.185 views

CVE-2019-20012

CVE-2019-20012 affects GNU LibreDWG up to version 0.92. Crafted input can cause an excessive memory allocation in dwg_decode_HATCH_private (dwg.spec). The Red Hat/OpenSUSE ecosystem references confirm the vulnerability and record fixes in LibreDWG, notably updating to release 0.9.x (e.g., 0.9.3) ...

6.5CVSS7.4AI score0.01358EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2019/12/27 12:14 a.m.190 views

CVE-2019-20013

CVE-2019-20013 affects GNU LibreDWG prior to 0.93: crafted input can trigger an excessive memory allocation in decode_3dsolid (dwg.spec). Connected advisories show this as addressed in the libredwg updates to release 0.9.3, with overflow/memory-leak mitigations and additional fuzzing protections....

6.5CVSS7.4AI score0.01373EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:14 a.m.22 views

CVE-2019-20013

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode3dsolid in dwg.spec...

7.6AI score0.01373EPSS
Exploits1References5
CVE
CVE
added 2019/12/27 12:14 a.m.181 views

CVE-2019-20014

CVE-2019-20014 (GNU LibreDWG) is a double-free in dwg_free() before 0.93. Public documents confirm the issue and list fixes in LibreDWG releases up to 0.9.3 (OpenSUSE/EU/Red Hat advisories), with remediation by upgrading to 0.9.3 or later. NVD reports CVSS v2: 6.8 (NETWORK, PARTIAL/partial impact...

8.8CVSS8.8AI score0.01487EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:14 a.m.28 views

CVE-2019-20014

An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwgfree in free.c...

8.9AI score0.01487EPSS
Exploits1References5
Cvelist
Cvelist
added 2019/12/27 12:14 a.m.21 views

CVE-2019-20015

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeLWPOLYLINEprivate in dwg.spec...

7.6AI score0.01358EPSS
Exploits1References4
CVE
CVE
added 2019/12/27 12:14 a.m.184 views

CVE-2019-20015

CVE-2019-20015 affects GNU LibreDWG 0.92. Crafted input can trigger an excessive memory allocation in dwg_decode_LWPOLYLINE_private (dwg.spec). Public U/A details are provided across multiple advisories; exploitability status is not stated in the provided documents. OpenSUSE/SUSE advisories show ...

6.5CVSS7.4AI score0.01358EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder