17002 matches found
CVE-2020-6613
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bitsearchsentinel in bits.c...
CVE-2020-6613
CVE-2020-6613 affects GNU LibreDWG 0.9.3.2564 and is described as a heap-based over-read in bit_search_sentinel (bits.c). Connected entries show fixes in libredwg upstream to release 0.10 and security advisories (openSUSE/SUSE updates) that patch libredwg to mitigate CVE-2020-6613 (and related CV...
CVE-2020-6614
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfrread in decode.c...
CVE-2020-6614
CVE-2020-6614 affects GNU LibreDWG 0.9.3.2564 with a heap-based buffer over-read in bfr_read (decode.c). Connected advisories show libredwg fixes in OpenSUSE/SUSE updates (0.10 release), addressing this and related CVEs (6609–6615). Affected: openSUSE Leap 15.1 and backports; remediation is upgra...
CVE-2020-6615
CVE-2020-6615 affects GNU LibreDWG 0.9.3.2564, with an invalid pointer dereference in dwg_dynapi_entity_value (dynapi.c generated by gen-dynapi.pl). Connected sources tie this CVE to libredwg updates fixing multiple issues in version 0.10, and openSUSE/SUSE advisories list it among 7 vulnerabilit...
CVE-2020-6615
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwgdynapientityvalue in dynapi.c dynapi.c is generated by gen-dynapi.pl...
PT-2020-19179 · Gnu +1 · Gnu Libredwg +1
Name of the Vulnerable Software and Affected Versions: GNU LibreDWG version 0.9.3.2564 Description: The issue is related to a heap-based buffer over-read in the copy compressed bytes function located in decode r2007.c. Recommendations: For GNU LibreDWG version 0.9.3.2564, consider updating to a...
CVE-2018-13033
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted ELF file, as demonstrated by bfdelfparseattributes in elf-attrs.c and bfdmalloc in libbfd.c...
CVE-2018-20671
loadspecificdebugsection in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size...
EulerOS 2.0 SP8 : tar (EulerOS-SA-2020-1035)
According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that archive. Tar can also be us...
EulerOS 2.0 SP8 : patch (EulerOS-SA-2020-1022)
According to the versions of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for...
NewStart CGSL CORE 5.05 / MAIN 5.05 : patch Multiple Vulnerabilities (NS-SA-2019-0253)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has patch packages installed that are affected by multiple vulnerabilities: - An issue was discovered in GNU patch before 2.7.6. Out- of-bounds access within pchwriteline in pch.c can possibly lead to DoS via a crafted input...
NewStart CGSL CORE 5.05 / MAIN 5.05 : gcc Multiple Vulnerabilities (NS-SA-2019-0233)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has gcc packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service Fortran application crash...
NewStart CGSL CORE 5.04 / MAIN 5.04 : fribidi Vulnerability (NS-SA-2019-0264)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has fribidi packages installed that are affected by a vulnerability: - A buffer overflow in the fribidigetparembeddinglevelsex function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of...
NewStart CGSL CORE 5.05 / MAIN 5.05 : binutils Multiple Vulnerabilities (NS-SA-2019-0228)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has binutils packages installed that are affected by multiple vulnerabilities: - An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangli...
AVE DOMINAplus 1.10.x - Authentication Bypass
AVE DOMINAplus 1.10.x - Authentication Bypass Exploit: AVE DOMINAplus 1.10.x - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID:...
CVE-2018-17794
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in workstuffcopytofrom when called from iteratedemanglefunction...
CVE-2019-20012
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeHATCHprivate in dwg.spec...
CVE-2019-20013
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode3dsolid in dwg.spec...
CVE-2019-20012
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeHATCHprivate in dwg.spec...