Lucene search
K

17002 matches found

CVE
CVE
added 2019/12/27 12:15 a.m.185 views

CVE-2019-20011

CVE-2019-20011 is a heap-based buffer over-read in GNU LibreDWG up to version 0.9.3 (decode_R13_R2000 in decode.c). OpenSUSE/SUSE advisories indicate this was addressed by releasing LibreDWG 0.9.3 with overflow checks and related fixes, and other documents corroborate the same vulnerability class...

8.8CVSS8.2AI score0.0147EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:15 a.m.27 views

CVE-2019-20011

An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decodeR13R2000 in decode.c...

8.7AI score0.0147EPSS
Exploits1References4
CVE
CVE
added 2019/12/27 12:15 a.m.186 views

CVE-2019-20012

CVE-2019-20012 affects GNU LibreDWG up to version 0.92. Crafted input can cause an excessive memory allocation in dwg_decode_HATCH_private (dwg.spec). The Red Hat/OpenSUSE ecosystem references confirm the vulnerability and record fixes in LibreDWG, notably updating to release 0.9.x (e.g., 0.9.3) ...

6.5CVSS7.4AI score0.01358EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:15 a.m.28 views

CVE-2019-20012

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeHATCHprivate in dwg.spec...

7.6AI score0.01358EPSS
Exploits1References4
CVE
CVE
added 2019/12/27 12:14 a.m.190 views

CVE-2019-20013

CVE-2019-20013 affects GNU LibreDWG prior to 0.93: crafted input can trigger an excessive memory allocation in decode_3dsolid (dwg.spec). Connected advisories show this as addressed in the libredwg updates to release 0.9.3, with overflow/memory-leak mitigations and additional fuzzing protections....

6.5CVSS7.4AI score0.01373EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:14 a.m.22 views

CVE-2019-20013

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode3dsolid in dwg.spec...

7.6AI score0.01373EPSS
Exploits1References5
CVE
CVE
added 2019/12/27 12:14 a.m.182 views

CVE-2019-20014

CVE-2019-20014 (GNU LibreDWG) is a double-free in dwg_free() before 0.93. Public documents confirm the issue and list fixes in LibreDWG releases up to 0.9.3 (OpenSUSE/EU/Red Hat advisories), with remediation by upgrading to 0.9.3 or later. NVD reports CVSS v2: 6.8 (NETWORK, PARTIAL/partial impact...

8.8CVSS8.8AI score0.01487EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:14 a.m.28 views

CVE-2019-20014

An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwgfree in free.c...

8.9AI score0.01487EPSS
Exploits1References5
Cvelist
Cvelist
added 2019/12/27 12:14 a.m.21 views

CVE-2019-20015

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeLWPOLYLINEprivate in dwg.spec...

7.6AI score0.01358EPSS
Exploits1References4
CVE
CVE
added 2019/12/27 12:14 a.m.185 views

CVE-2019-20015

CVE-2019-20015 affects GNU LibreDWG 0.92. Crafted input can trigger an excessive memory allocation in dwg_decode_LWPOLYLINE_private (dwg.spec). Public U/A details are provided across multiple advisories; exploitability status is not stated in the provided documents. OpenSUSE/SUSE advisories show ...

6.5CVSS7.4AI score0.01358EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2019/12/27 12:14 a.m.183 views

CVE-2019-20010

CVE-2019-20010 affects GNU LibreDWG 0.92 with a use-after-free in resolve_objectref_vector (decode.c). Connected advisories show openSUSE/libredwg updates up to release 0.9.3 addressing this and related CVEs (e.g., 2019-20010, 2019-20011, 2019-20012, 2019-20013, 2019-20014, 2019-20015) across Ope...

8.8CVSS8.8AI score0.01429EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/12/27 12:14 a.m.23 views

CVE-2019-20010

An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolveobjectrefvector in decode.c...

9AI score0.01429EPSS
Exploits1References4
CNVD
CNVD
added 2019/12/27 12:0 a.m.2 views

GNU LibreDWG Excessive Memory Allocation Vulnerability (CNVD-2020-03561)

LibreDWG is a free C library for reading and writing DWG files. An excessive memory allocation vulnerability exists in dwgdecodeHATCHprivate in dwg.spec in GNU LibreDWG 0.92. An attacker can exploit this vulnerability via specially crafted input to cause an attempt to allocate too much memory,...

6.5CVSS6.8AI score0.01358EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/27 12:0 a.m.3 views

GNU LibreDWG Excessive Memory Allocation Vulnerability (CNVD-2020-03562)

GNU LibreDWG is a GNU Project C library for working with DWG files. A security vulnerability exists in the 'decode3dsolid' function of dwg.spec in versions of GNU LibreDWG prior to 0.93. An attacker can exploit this vulnerability to cause a denial of service large memory consumption...

6.5CVSS6.7AI score0.01373EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/27 12:0 a.m.2 views

GNU LibreDWG Post-Release Reuse Vulnerability

GNU LibreDWG is a GNU Project C library for working with DWG files. A post-release reuse vulnerability exists in the 'resolveobjectrefvector' function in the decode.c file in GNU LibreDWG version 0.92. The vulnerability stems from mismanagement of system resources e.g., memory, disk space, files,...

8.8CVSS7AI score0.01429EPSS
Exploits1References1
0day.today
0day.today
added 2019/12/27 12:0 a.m.206 views

AVE DOMINAplus 1.10.x Authentication Bypass Vulnerability

AVE DOMINAplus =1.10.x Authentication Bypass Exploit Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...

0.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2019/12/27 12:0 a.m.4 views

PT-2019-6404 · Gnu +3 · Gnu Binutils +3

Name of the Vulnerable Software and Affected Versions: GNU Binutils versions prior to 2.34 Description: The issue is related to an uninitialized-heap vulnerability in the tic4x print cond function, located in the opcodes/tic4x-dis.c component of the GNU Binutils software development tool. This...

8.8CVSS6.3AI score0.00698EPSS
Exploits8References50
0day.today
0day.today
added 2019/12/27 12:0 a.m.493 views

Linux/x86 Encoder / Decoder Shellcode (117 bytes)

Title : Linux/x86 - Encoder - Random Bytes + XOR/SUB/NOT/ROR / Decoder - ROL/NOT/ADD/XOR execve/bin/sh Shellcode 117 bytes Author : Xenofon Vassilakopoulos Date : July, 2019 Tested on : Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture : i686 GNU/Linu...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/12/27 12:0 a.m.184 views

AVE DOMINAplus 1.10.x Authentication Bypass

AVE DOMINAplus =1.10.x Authentication Bypass Exploit Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...

0.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2019/12/26 9:56 a.m.36 views

CVE-2018-20002

The bfdgenericreadminisymbols function in syms.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service memory consumption, as demonstrated by nm...

5.5CVSS3.1AI score0.01819EPSS
Exploits1References2
Rows per page
Query Builder