Lucene search
K

175 matches found

CNNVD
CNNVD
added 2022/01/25 12:0 a.m.4 views

LibreCAD 代码问题漏洞

LibreCAD is an open source CAD Computer Aided Design application from the LibreCAD organization. A denial of service vulnerability in LibreCAD version 2.2.0, which originates from a null pointer dereference in the HATCH handling of libdxfrw, can be exploited by an attacker to crash the applicatio...

5.5CVSS5.7AI score0.009EPSS
Exploits1References8
CNNVD
CNNVD
added 2022/01/25 12:0 a.m.6 views

LibreCAD 安全漏洞

LibreCAD is an open source CAD Computer Aided Design application from the LibreCAD organization. A buffer overflow vulnerability exists in LibreCAD 2.2.0-rc3 and earlier versions, which originates when a networked system or product performs an operation in memory without properly validating data...

9.3CVSS6.8AI score0.06617EPSS
Exploits1References8
CVE
CVE
added 2022/01/25 12:0 a.m.107 views

CVE-2021-45342

Summary: CVE-2021-45342 is a buffer overflow in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older that enables Remote Code Execution via a crafted JWW document. Affected versions: LibreCAD 2.2.0-rc3 and older (per multiple advisories). Impact: attacker can achieve RCE through a cr...

7.8CVSS7.9AI score0.01934EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2022/01/25 12:0 a.m.33 views

CVE-2021-45342

A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document...

8.6AI score0.01934EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/01/25 12:0 a.m.34 views

CVE-2021-45341

A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document...

9.1AI score0.06617EPSS
Exploits1References5
CVE
CVE
added 2022/01/25 12:0 a.m.89 views

CVE-2021-45343

CVE-2021-45343 affects LibreCAD 2.2.0, where a NULL pointer dereference in the HATCH handling of libdxfrw can crash the application when processing a crafted DXF. The issue is rooted in the libdxfrw component used by LibreCAD, leading to a denial-of-service-style crash. Connected sources corrobor...

5.5CVSS5.4AI score0.009EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2022/01/25 12:0 a.m.30 views

CVE-2021-45343

In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document...

5.5CVSS6.7AI score0.009EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/01/25 12:0 a.m.46 views

CVE-2021-45342

A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document...

7.8CVSS8.4AI score0.01934EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/01/25 12:0 a.m.38 views

CVE-2021-45341

A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document...

9.3CVSS8.9AI score0.06617EPSS
Exploits1
FreeBSD
FreeBSD
added 2021/12/28 12:0 a.m.17 views

librecad -- out-of-bounds read in importshp plugin

Albin Eldstål-Ahrens reports: An out-of-bounds read on a heap buffer in the importshp plugin may allow an attacker to read sensitive data via a crafted DBF file...

5.5CVSS6.8AI score0.00318EPSS
Exploits1References1
Veracode
Veracode
added 2021/12/14 8:42 p.m.26 views

Remote Code Execution (RCE)

A code execution vulnerability exists in the dxfRW::processLType functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS3.6AI score0.02465EPSS
Exploits1References9Affected Software2
Veracode
Veracode
added 2021/12/14 8:13 p.m.25 views

Remote Code Execution (RCE)

librecad is vulnerable to remote code execution. The vulnerability exists due to a heap buffer overflow in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw allowing a specially-crafted .dwg file execute maliciously crafted script...

8.8CVSS2.4AI score0.02686EPSS
Exploits1References9Affected Software2
Veracode
Veracode
added 2021/12/14 8:13 p.m.33 views

Remote Code Execution (RCE)

librecad is vulnerable to remote code execution. An attacker is able to exploit the vulnerability by injecting a specially-crafted .dwg file via dwgCompressor::decompress18 functionality of LibreCad libdxfrw which can lead to an out-of-bounds write...

8.8CVSS4.9AI score0.02515EPSS
Exploits1References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/12/13 12:0 a.m.6 views

The vulnerability of the `dwgCompressor :: copyCompBytes21` function in the `libdfxfw` library of the LibreCAD automated design system allows a attacker to execute arbitrary code.

The vulnerability of the dwgCompressor :: copyCompBytes21 function in the libdfxfw library of the LibreCAD automated design system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using...

9.3CVSS8.5AI score0.02686EPSS
Exploits1References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/12/07 12:0 a.m.8 views

The vulnerability of the dwgCompressor function in the libdfxfw library of the LibreCad automated design system allows a hacker to execute arbitrary code.

The vulnerability of the dwgCompressor function in the libdfxfw library of the LibreCAD automated design system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially create...

9.3CVSS8.5AI score0.02515EPSS
Exploits1References6Affected Software2
OpenVAS
OpenVAS
added 2021/12/04 12:0 a.m.16 views

Debian: Security Advisory (DLA-2838-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.02686EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2021/12/04 12:0 a.m.17 views

Fedora: Security Advisory for librecad (FEDORA-2021-fa9e3c23f2)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.02686EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2021/12/04 12:0 a.m.17 views

Fedora: Security Advisory for librecad (FEDORA-2021-67c946a9f3)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.02686EPSS
Exploits3References2
Debian
Debian
added 2021/12/03 1:0 p.m.68 views

[SECURITY] [DLA 2838-1] librecad security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2838-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler December 03, 2021 https://wiki.debian.org/LTS -...

8.8CVSS9.6AI score0.02686EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2021/12/03 12:0 a.m.37 views

Debian DLA-2838-1 : librecad - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2838 advisory. - A code execution vulnerability exists in the dwgCompressor::decompress18 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file...

8.8CVSS8.8AI score0.02686EPSS
Exploits3References9
Rows per page
Query Builder