CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26157
https://notcve.org/view.php?id=CVE-2023-26157
02 Jan 2024 — Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. Las versiones del paquete libredwg anteriores a 0.12.5.6384 son vulnerables a la Denegación de Servicio (DoS) debido a una lectura fuera de los límites que involucra section->num_pages en decode_r2007.c. • https://github.com/LibreDWG/libredwg/commit/c8cf03ce4c2315b146caf582ea061c0460193bcc • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36271
https://notcve.org/view.php?id=CVE-2023-36271
23 Jun 2023 — LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. • https://github.com/LibreDWG/libredwg/issues/681#BUG2 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36272
https://notcve.org/view.php?id=CVE-2023-36272
23 Jun 2023 — LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. • https://github.com/LibreDWG/libredwg/issues/681#BUG1 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36273
https://notcve.org/view.php?id=CVE-2023-36273
23 Jun 2023 — LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. • https://github.com/LibreDWG/libredwg/issues/677#BUG1 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36274
https://notcve.org/view.php?id=CVE-2023-36274
23 Jun 2023 — LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. • https://github.com/LibreDWG/libredwg/issues/677#BUG2 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-25222
https://notcve.org/view.php?id=CVE-2023-25222
01 Mar 2023 — A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c. • https://github.com/LibreDWG/libredwg/issues/615 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-45332
https://notcve.org/view.php?id=CVE-2022-45332
30 Nov 2022 — LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. Se descubrió que LibreDWG v0.12.4.4643 contenía un desbordamiento del búfer de memoria mediante la función decode_preR13_section_hdr en decode_r11.c. • https://github.com/LibreDWG/libredwg/issues/524 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-35164
https://notcve.org/view.php?id=CVE-2022-35164
18 Aug 2022 — LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain. Se ha detectado que LibreDWG versión v0.12.4.4608 y el commit f2dea29 contienen un uso de memoria previamente liberada de la pila por medio de la función bit_copy_chain. • https://github.com/LibreDWG/libredwg/issues/497 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33034
https://notcve.org/view.php?id=CVE-2022-33034
22 Jun 2022 — LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. Se ha detectado que LibreDWG versión v0.12.4.4608, contiene un desbordamiento de pila por medio de la función copy_bytes en el archivo decode_r2007.c • https://github.com/LibreDWG/libredwg/issues/494 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33033
https://notcve.org/view.php?id=CVE-2022-33033
22 Jun 2022 — LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. Se ha detectado que LibreDWG versión v0.12.4.4608, contiene una doble liberación por medio de la función dwg_read_file en el archivo dwg.c • https://github.com/LibreDWG/libredwg/issues/493 • CWE-415: Double Free •