CVE-2019-9773
- EPSS 2.8%
- Veröffentlicht 14.03.2019 09:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:17
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
CVE-2019-9772
- EPSS 2.44%
- Veröffentlicht 14.03.2019 09:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:17
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
CVE-2019-9771
- EPSS 2.52%
- Veröffentlicht 14.03.2019 09:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:17
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
CVE-2019-9770
- EPSS 2.89%
- Veröffentlicht 14.03.2019 09:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:16
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
CVE-2018-14524
- EPSS 0.24%
- Veröffentlicht 23.07.2018 08:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:15
dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.
CVE-2018-14471
- EPSS 0.35%
- Veröffentlicht 20.07.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:09
dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.
CVE-2018-14443
- EPSS 0.43%
- Veröffentlicht 20.07.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:04
get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV).