Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Gnu Subscribe
Filtered by product Libredwg
Total 82 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25222 1 Gnu 1 Libredwg 2023-03-09 N/A 8.8 HIGH
A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c.
CVE-2022-33026 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
CVE-2022-33025 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.
CVE-2022-33028 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.
CVE-2022-33032 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.
CVE-2022-33027 1 Gnu 1 Libredwg 2023-01-23 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.
CVE-2022-45332 1 Gnu 1 Libredwg 2022-12-02 N/A 7.8 HIGH
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
CVE-2020-21827 1 Gnu 1 Libredwg 2022-10-26 6.8 MEDIUM 7.8 HIGH
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379.
CVE-2020-21839 1 Gnu 1 Libredwg 2022-10-26 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.
CVE-2020-6609 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 6.8 MEDIUM 8.8 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
CVE-2020-6615 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 4.3 MEDIUM 6.5 MEDIUM
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
CVE-2020-6611 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 4.3 MEDIUM 6.5 MEDIUM
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
CVE-2020-6614 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.
CVE-2020-6613 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.
CVE-2020-6612 2 Gnu, Opensuse 3 Libredwg, Backports Sle, Leap 2022-09-12 5.8 MEDIUM 8.1 HIGH
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
CVE-2022-35164 1 Gnu 1 Libredwg 2022-08-19 N/A 9.8 CRITICAL
LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.
CVE-2022-33024 1 Gnu 1 Libredwg 2022-06-29 5.0 MEDIUM 7.5 HIGH
There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608.
CVE-2022-33033 1 Gnu 1 Libredwg 2022-06-29 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.
CVE-2022-33034 1 Gnu 1 Libredwg 2022-06-29 6.8 MEDIUM 7.8 HIGH
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
CVE-2021-42585 1 Gnu 1 Libredwg 2022-05-29 6.8 MEDIUM 8.8 HIGH
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.