CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33028
https://notcve.org/view.php?id=CVE-2022-33028
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c. Se ha detectado que LibreDWG versión v0.12.4.4608, contiene un desbordamiento del búfer de la pila por medio de la función dwg_add_object en el archivo decode.c • https://github.com/LibreDWG/libredwg/issues/489 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33027
https://notcve.org/view.php?id=CVE-2022-33027
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c. Se ha detectado que LibreDWG versión v0.12.4.4608, contiene un uso de memoria previamente liberada de la pila por medio de la función dwg_add_handleref en el archivo dwg.c • https://github.com/LibreDWG/libredwg/issues/490 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33026
https://notcve.org/view.php?id=CVE-2022-33026
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. Se ha detectado que LibreDWG versión v0.12.4.4608, contiene un desbordamiento del búfer de la pila por medio de la función bit_calc_CRC en el archivo bits.c • https://github.com/LibreDWG/libredwg/issues/484 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33024
https://notcve.org/view.php?id=CVE-2022-33024
There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608. Se presenta una aserción "int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *" fallida en la función dwg2dxf: decode.c:5801 en libredwg v0.12.4.4608 • https://github.com/LibreDWG/libredwg/issues/492 • CWE-617: Reachable Assertion •
CVSS: 6.9EPSS: 0%CPEs: 40EXPL: 0CVE-2021-3696 – grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
https://notcve.org/view.php?id=CVE-2021-3696
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. Puede producirse una escritura fuera de límites de la pila durante el manejo de las tablas Huffman en el lector PNG. • https://bugzilla.redhat.com/show_bug.cgi?id=1991686 https://security.gentoo.org/glsa/202209-12 https://security.netapp.com/advisory/ntap-20220930-0001 https://access.redhat.com/security/cve/CVE-2021-3696 • CWE-787: Out-of-bounds Write •