6 matches found
CVE-2019-13989
CVE-2019-13989 affects dpic 2019.06.20, with a Stack-based Buffer Overflow in the wfloat() function of main.c. The vulnerability can impact C/I/A (per CVSS) and has public advisories indicating fixes in newer dpic packages (e.g., Mageia MGASA-2020-0460) and vendor/OS advisories; patching/upgradin...
CVE-2021-32421
CVE-2021-32421 affects dpic; a Heap Use-After-Free in thedeletestringbox() function of dpic.y is reported for dpic 2021.01.01. Connected advisories confirm the same class of issue and identify the root cause as a heap-use-after-free in the same function. Impact is high with availability impact pe...
CVE-2021-32420
CVE-2021-32420 affects dpic 2021.01.01 and is caused by a Heap-based Buffer Overflow in the thestorestring function in dpic.y. The CVE’s NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH) with Network attack vector, Low attack complexity, no privileges or user interaction, and Availability impa...
CVE-2021-33390
CVE-2021-33390 relates to dpic 2021.04.10, which has a use-after-free in thedeletestringbox() function of dpic.y. The connected OSV/NVD entries confirm this is a distinct vulnerability from CVE-2021-32421. No explicit exploit details, affected versions beyond 2021.04.10, or remediation steps are ...
CVE-2021-33388
CVE-2021-33388 affects the dpic package: the 2021.04.10 release contains a Heap Buffer Overflow in the makevar() function (dpic.y) . CVSSv3.1 base score 9.8 (CRITICAL) with network attack vector, no user interaction. Several connected sources confirm the issue and note remediation status varies b...
CVE-2021-32422
CVE-2021-32422 concerns dpic 2021.01.01, which has a Global buffer overflow in the theyylex() function of main.c causing reads past the end of an array. Affects dpic and is reflected across multiple advisories (Red Hat, SUSE, Ubuntu, Debian, OSV, NVD). The CVSSv3.1 base score is 7.5 (HIGH) with n...