Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Libredwg Security Vulnerabilities - 2020

cve
cve

CVE-2019-20909

An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.

7.5CVSS

7.4AI Score

0.001EPSS

2020-07-16 06:15 PM
29
cve
cve

CVE-2019-20910

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.

8.1CVSS

8.2AI Score

0.003EPSS

2020-07-16 06:15 PM
23
cve
cve

CVE-2019-20911

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.

6.5CVSS

6.2AI Score

0.001EPSS

2020-07-16 06:15 PM
30
cve
cve

CVE-2019-20912

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.

8.8CVSS

8.7AI Score

0.003EPSS

2020-07-16 06:15 PM
24
cve
cve

CVE-2019-20913

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.

8.1CVSS

7.9AI Score

0.002EPSS

2020-07-16 06:15 PM
31
cve
cve

CVE-2019-20914

An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.

9.8CVSS

9.2AI Score

0.004EPSS

2020-07-16 06:15 PM
28
cve
cve

CVE-2019-20915

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.

8.1CVSS

7.9AI Score

0.002EPSS

2020-07-16 06:15 PM
26
cve
cve

CVE-2020-15807

GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.

6.5CVSS

6.4AI Score

0.002EPSS

2020-07-17 04:15 PM
23
cve
cve

CVE-2020-6609

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.

8.8CVSS

8.6AI Score

0.002EPSS

2020-01-08 09:15 PM
107
cve
cve

CVE-2020-6610

GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.

6.5CVSS

7.2AI Score

0.001EPSS

2020-01-08 09:15 PM
112
cve
cve

CVE-2020-6611

GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.

6.5CVSS

7.2AI Score

0.001EPSS

2020-01-08 09:15 PM
100
cve
cve

CVE-2020-6612

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.

8.1CVSS

8.3AI Score

0.002EPSS

2020-01-08 09:15 PM
98
cve
cve

CVE-2020-6613

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.

8.1CVSS

8.3AI Score

0.002EPSS

2020-01-08 09:15 PM
108
cve
cve

CVE-2020-6614

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.

8.1CVSS

8.3AI Score

0.002EPSS

2020-01-08 09:15 PM
104
cve
cve

CVE-2020-6615

GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).

6.5CVSS

7.3AI Score

0.001EPSS

2020-01-08 09:15 PM
105