16992 matches found
Heap overflow
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bitwriteTF in bits.c...
Null pointer dereference
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwgencodeLWPOLYLINE in dwg.spec...
Null pointer dereference
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwgencodecommonentityhandledata in commonentityhandledata.spec...
Stack overflow
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bitreadTF...
CVE-2019-20909
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwgencodeLWPOLYLINE in dwg.spec...
CVE-2019-20909
CVE-2019-20909 affects GNU LibreDWG (library for DWG files). Multiple connected sources confirm a NULL pointer dereference in the function dwg_encode_LWPOLYLINE (dwg.spec), present in LibreDWG up to version 0.9.3 and earlier. Documented impact describes a crash/denial of service vector via this d...
CVE-2019-20910
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decodeR13R2000 in decode.c, a different vulnerability than CVE-2019-20011...
CVE-2019-20910
GNU LibreDWG up to version 0.9.3 is affected by CVE-2019-20910 due to a heap-based buffer over-read in decode_R13_R2000 within decode.c. This is observed in the CVE-2019-20910 entries across NVD/CNVD/OSV and related advisories (e.g., OpenSUSE security update for libredwg). The vulnerability stems...
CVE-2019-20911
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bitcalcCRC in bits.c, related to a for loop...
CVE-2019-20911
CVE-2019-20911 affects GNU LibreDWG up to version 0.9.3. The vulnerability lies in bit_calc_CRC within bits.c, where a crafted input can trigger a denial of service due to a problematic for loop. The connected documents consistently describe DoS potential but do not provide explicit exploitation ...
CVE-2019-20912
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bitreadTF...
CVE-2019-20912
CVE-2019-20912 affects GNU LibreDWG up to version 0.9.3. The issue is a vulnerability in bits.c where crafted input can trigger a stack overflow, potentially related to bit_read_TF. Multiple connected sources reiter this description, indicating a stack overflow in memory operations caused by malf...
CVE-2019-20913
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwgencodeentity in commonentitydata.spec...
CVE-2019-20913
CVE-2019-20913 affects GNU LibreDWG up to version 0.9.3. The issue is a heap-based buffer over-read in the function dwg_encode_entity within common_entity_data.spec, triggered by crafted input. Impact is described as a heap-based over-read; no additional exploit details or remediation are provide...
CVE-2019-20914
GNU LibreDWG up to version 0.9.3 contains a NULL pointer dereference in dwg_encode_common_entity_handle_data (common_entity_handle_data.spec). This vulnerability is documented across multiple sources (Red Hat, SUSE, NVD, OSV, etc.). The available connected documents confirm the issue but do not p...
CVE-2019-20914
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwgencodecommonentityhandledata in commonentityhandledata.spec...
CVE-2019-20915
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bitwriteTF in bits.c...
CVE-2019-20915
CVE-2019-20915 affects GNU LibreDWG up to version 0.9.3. A crafted input triggers a heap-based buffer over-read in bit_write_TF within bits.c, as described across multiple connected documents. Impact details in sources vary, but CVSS data from NVD indicates high impact under network attack with p...
Medium: patch
Issue Overview: In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. CVE-2019-13636 Affected Packages: patch Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for t...
Fedora: Security Advisory for kernel (FEDORA-2020-3c3d1d7006)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...