Page 49 of 329 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2

CVE-2019-20013

https://notcve.org/view.php?id=CVE-2019-20013

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. Se detectó un problema en GNU LibreDWG versiones anteriores a 0.93. Una entrada diseñada conllevará a un intento de asignación de memoria excesiva en la función decode_3dsolid en el archivo dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/compare/0.9.2...0.9.3 https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643060 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2

CVE-2019-20014

https://notcve.org/view.php?id=CVE-2019-20014

An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. Se detectó un problema en GNU LibreDWG versiones anteriores a 0.93. Se presenta una doble liberación en la función dwg_free en el archivo free.c. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/compare/0.9.2...0.9.3 https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643172 • CWE-415: Double Free •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2

CVE-2019-20015

https://notcve.org/view.php?id=CVE-2019-20015

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. Se detectó un problema en GNU LibreDWG versión 0.92. Una entrada diseñada conllevará a un intento de asignación de memoria excesiva en la función dwg_decode_LWPOLYLINE_private en el archivo dwg.spec. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643028 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2

CVE-2019-20010

https://notcve.org/view.php?id=CVE-2019-20010

An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. Se detectó un problema en GNU LibreDWG versión 0.92. Se presenta un uso de la memoria previamente liberada en la función resolve_objectref_vector en el archivo decode.c. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00045.html https://github.com/LibreDWG/libredwg/issues/176 https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643383 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0

CVE-2019-19925 – sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive

https://notcve.org/view.php?id=CVE-2019-19925

zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. La función zipfileUpdate en el archivo ext/misc/zipfile.c en SQLite versión 3.30.1, maneja inapropiadamente un nombre de ruta NULL durante una actualización de un archivo ZIP. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://access.redhat.com/errata/RHSA-2020:0514 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618 https://security.netapp.com/advisory/ntap-20200114-0003 https://usn.ubuntu.com/4298-1 https • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type •