
17002 matches found

Cvelist
added 2020/01/08 8:43 p.m. · 27 views

CVE-2020-6613

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c...

AI score: 8.4 · EPSS: 0.01673
Exploits: 1 · References: 3

CVE
added 2020/01/08 8:43 p.m. · 240 views

CVE-2020-6613

CVE-2020-6613 affects GNU LibreDWG 0.9.3.2564 and is described as a heap-based over-read in bit_search_sentinel (bits.c). Connected entries show fixes in libredwg upstream to release 0.10 and security advisories (openSUSE/SUSE updates) that patch libredwg to mitigate CVE-2020-6613 (and related CV...

CVSS: 8.1 · AI score: 8.3 · EPSS: 0.01673
Exploits: 1 · References: 3 · Affected Software: 1

Cvelist
added 2020/01/08 8:43 p.m. · 27 views

CVE-2020-6614

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c...

AI score: 8.4 · EPSS: 0.01673
Exploits: 1 · References: 3

CVE
added 2020/01/08 8:43 p.m. · 128 views

CVE-2020-6614

CVE-2020-6614 affects GNU LibreDWG 0.9.3.2564 with a heap-based buffer over-read in bfr_read (decode.c). Connected advisories show libredwg fixes in OpenSUSE/SUSE updates (0.10 release), addressing this and related CVEs (6609–6615). Affected: openSUSE Leap 15.1 and backports; remediation is upgra...

CVSS: 8.1 · AI score: 8.3 · EPSS: 0.01673
Exploits: 1 · References: 3 · Affected Software: 1

CVE
added 2020/01/08 8:43 p.m. · 135 views

CVE-2020-6615

CVE-2020-6615 affects GNU LibreDWG 0.9.3.2564, with an invalid pointer dereference in dwg_dynapi_entity_value (dynapi.c generated by gen-dynapi.pl). Connected sources tie this CVE to libredwg updates fixing multiple issues in version 0.10, and openSUSE/SUSE advisories list it among 7 vulnerabilit...

CVSS: 6.5 · AI score: 7.3 · EPSS: 0.01512
Exploits: 1 · References: 3 · Affected Software: 1

Cvelist
added 2020/01/08 8:43 p.m. · 31 views

CVE-2020-6615

GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl)...

AI score: 7.4 · EPSS: 0.01512
Exploits: 1 · References: 3

Positive Technologies
added 2020/01/08 12:0 a.m. · 3 views

PT-2020-19179 · Gnu +1 · Gnu Libredwg +1

Name of the Vulnerable Software and Affected Versions: GNU LibreDWG version 0.9.3.2564 Description: The issue is related to a heap-based buffer over-read in the copy_compressed_bytes function located in decode_r2007.c. Recommendations: For GNU LibreDWG version 0.9.3.2564, consider updating to a...

CVSS: 8.8 · AI score: 6.5 · EPSS: 0.01755
Exploits: 7 · References: 36

RedhatCVE
added 2020/01/07 9:40 p.m. · 37 views

CVE-2018-13033

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c...

CVSS: 5.5 · AI score: 6.5 · EPSS: 0.03095
Exploits: 1 · References: 2

RedhatCVE
added 2020/01/04 9:43 a.m. · 28 views

CVE-2018-20671

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size...

CVSS: 5.5 · AI score: 5.1 · EPSS: 0.01982
Exploits: 1 · References: 2

Tenable Nessus
added 2020/01/02 12:0 a.m. · 41 views

EulerOS 2.0 SP8 : tar (EulerOS-SA-2020-1035)

According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that archive. Tar can also be us...

CVSS: 4.7 · AI score: 6.3 · EPSS: 0.00526
Exploits: 1 · References: 2

Tenable Nessus
added 2020/01/02 12:0 a.m. · 37 views

EulerOS 2.0 SP8 : patch (EulerOS-SA-2020-1022)

According to the versions of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for...

CVSS: 9.3 · AI score: 7.5 · EPSS: 0.0556
Exploits: 1 · References: 3

Tenable Nessus
added 2019/12/31 12:0 a.m. · 87 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : patch Multiple Vulnerabilities (NS-SA-2019-0253)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has patch packages installed that are affected by multiple vulnerabilities: - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line in pch.c can possibly lead to DoS via a crafted input...

CVSS: 9.3 · AI score: 6.6 · EPSS: 0.08411
Exploits: 1 · References: 5

Tenable Nessus
added 2019/12/31 12:0 a.m. · 27 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : gcc Multiple Vulnerabilities (NS-SA-2019-0233)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has gcc packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service Fortran application crash...

CVSS: 9.8 · AI score: 8 · EPSS: 0.05886
Exploits: 0 · References: 3

Tenable Nessus
added 2019/12/31 12:0 a.m. · 23 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : fribidi Vulnerability (NS-SA-2019-0264)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has fribidi packages installed that are affected by a vulnerability: - A buffer overflow in the fribidi_get_par_embedding_levels_ex function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of...

CVSS: 7.8 · AI score: 8.2 · EPSS: 0.02182
Exploits: 0 · References: 2

Tenable Nessus
added 2019/12/31 12:0 a.m. · 48 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : binutils Multiple Vulnerabilities (NS-SA-2019-0228)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has binutils packages installed that are affected by multiple vulnerabilities: - An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangli...

CVSS: 7.8 · AI score: 6.6 · EPSS: 0.05229
Exploits: 3 · References: 4

exploitpack
added 2019/12/30 12:0 a.m. · 37 views

AVE DOMINAplus 1.10.x - Authentication Bypass

AVE DOMINAplus 1.10.x - Authentication Bypass Exploit: AVE DOMINAplus 1.10.x - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID:...

AI score: 0.7
Exploits: 0

RedhatCVE
added 2019/12/28 3:32 a.m. · 39 views

CVE-2018-17794

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function...

CVSS: 6.5 · AI score: 2.1 · EPSS: 0.01803
Exploits: 0 · References: 2

NVD
added 2019/12/27 1:15 a.m. · 19 views

CVE-2019-20012

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec...

CVSS: 6.5 · AI score: 6.9 · EPSS: 0.01358
Exploits: 1 · References: 4

OSV
added 2019/12/27 1:15 a.m. · 21 views

CVE-2019-20013

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec...

CVSS: 6.5 · AI score: 6.7
Exploits: 0 · References: 5

OSV
added 2019/12/27 1:15 a.m. · 18 views

CVE-2019-20012

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec...

CVSS: 6.5 · AI score: 6.7
Exploits: 0 · References: 4