CVE-2019-20009
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec...
Memory corruption
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec...
Design/Logic Flaw
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec...
Design/Logic Flaw
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c...
Memory corruption
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec...
Double free
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c...
Heap overflow
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c...
Memory corruption
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec...
CVE-2019-20009
CVE-2019-20009 affects GNU LibreDWG prior to 0.93. The issue arises from crafted input causing an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec, leading to memory exhaustion. Multiple connected advisories (openSUSE/SUSE) document the vulnerability and confirm reme...
CVE-2019-20009
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec...
CVE-2019-20011
CVE-2019-20011 is a heap-based buffer over-read in GNU LibreDWG up to version 0.9.3 (decode_R13_R2000 in decode.c). OpenSUSE/SUSE advisories indicate this was addressed by releasing LibreDWG 0.9.3 with overflow checks and related fixes, and other documents corroborate the same vulnerability class...
CVE-2019-20011
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c...
CVE-2019-20012
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec...
CVE-2019-20012
CVE-2019-20012 affects GNU LibreDWG up to version 0.92. Crafted input can cause an excessive memory allocation in dwg_decode_HATCH_private (dwg.spec). The Red Hat/OpenSUSE ecosystem references confirm the vulnerability and record fixes in LibreDWG, notably updating to release 0.9.x (e.g., 0.9.3) ...
CVE-2019-20013
CVE-2019-20013 affects GNU LibreDWG prior to 0.93: crafted input can trigger an excessive memory allocation in decode_3dsolid (dwg.spec). Connected advisories show this as addressed in the libredwg updates to release 0.9.3, with overflow/memory-leak mitigations and additional fuzzing protections....
CVE-2019-20013
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec...
CVE-2019-20014
CVE-2019-20014 (GNU LibreDWG) is a double-free in dwg_free() before 0.93. Public documents confirm the issue and list fixes in LibreDWG releases up to 0.9.3 (OpenSUSE/EU/Red Hat advisories), with remediation by upgrading to 0.9.3 or later. NVD reports CVSS v2: 6.8 (NETWORK, PARTIAL/partial impact...
CVE-2019-20014
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c...
CVE-2019-20015
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec...
CVE-2019-20015
CVE-2019-20015 affects GNU LibreDWG 0.92. Crafted input can trigger an excessive memory allocation in dwg_decode_LWPOLYLINE_private (dwg.spec). Public U/A details are provided across multiple advisories; exploitability status is not stated in the provided documents. OpenSUSE/SUSE advisories show ...