CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2025-31181 – Gnuplot: gnuplot segmentation fault on x11_graphics
https://notcve.org/view.php?id=CVE-2025-31181
27 Mar 2025 — A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash. This update for gnuplot fixes the following issues. Invalid read leads to segmentation fault on plot3d_points. Improper bounds check leads to heap-buffer overflow on utf8_copy_one. • https://access.redhat.com/security/cve/CVE-2025-31181 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 9EXPL: 0CVE-2025-31180 – Gnuplot: gnuplot segmentation fault on canvas_text
https://notcve.org/view.php?id=CVE-2025-31180
27 Mar 2025 — A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash. This update for gnuplot fixes the following issues. Invalid read leads to segmentation fault on plot3d_points. Improper bounds check leads to heap-buffer overflow on utf8_copy_one. • https://access.redhat.com/security/cve/CVE-2025-31180 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2025-31179 – Gnuplot: gnuplot segmentation fault on xstrftime
https://notcve.org/view.php?id=CVE-2025-31179
27 Mar 2025 — A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash. This update for gnuplot fixes the following issues. Invalid read leads to segmentation fault on plot3d_points. Improper bounds check leads to heap-buffer overflow on utf8_copy_one. • https://access.redhat.com/security/cve/CVE-2025-31179 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2025-31178 – Gnuplot: gnuplot segmentation fault on getannotatestring
https://notcve.org/view.php?id=CVE-2025-31178
27 Mar 2025 — A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash. This update for gnuplot fixes the following issues. Invalid read leads to segmentation fault on plot3d_points. Improper bounds check leads to heap-buffer overflow on utf8_copy_one. • https://access.redhat.com/security/cve/CVE-2025-31178 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 9EXPL: 0CVE-2025-31176 – Gnuplot: gnuplot segmentation fault on plot3d_points
https://notcve.org/view.php?id=CVE-2025-31176
27 Mar 2025 — A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash. This update for gnuplot fixes the following issues. Invalid read leads to segmentation fault on plot3d_points. Improper bounds check leads to heap-buffer overflow on utf8_copy_one. • https://access.redhat.com/security/cve/CVE-2025-31176 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25969 – Ubuntu Security Notice USN-7589-1
https://notcve.org/view.php?id=CVE-2020-25969
05 Jul 2023 — gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest(). Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use these issues to cause Gnuplot to experience a buffer overflow, resulting in a denial of service or arbitrary code execution. These issues only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. It was discovered that Gnuplot could write out-of-bounds due to the use of ... • https://sourceforge.net/p/gnuplot/bugs/2311 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44917 – Ubuntu Security Notice USN-7589-1
https://notcve.org/view.php?id=CVE-2021-44917
21 Dec 2021 — A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash. Se presenta una vulnerabilidad de división por cero en gnuplot versión 5.4 en la función boundary3d en el archivo graph3d.c, que puede causar una excepción aritmética y un fallo de la aplicación Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use th... • https://sourceforge.net/p/gnuplot/bugs/2358 • CWE-369: Divide By Zero •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-29369
https://notcve.org/view.php?id=CVE-2021-29369
03 May 2021 — The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands. El paquete gnuplot versiones anteriores 0.1.0 para Node.js permite una ejecución de código por medio de metacaracteres de shell en los comandos Gnuplot. • https://github.com/rkesters/gnuplot/commit/23671d4d3d28570fb19a936a6328bfac742410de • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25412 – Ubuntu Security Notice USN-7589-1
https://notcve.org/view.php?id=CVE-2020-25412
16 Sep 2020 — com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution. com_line() en command.c en gnuplot 5.4 lleva a una escritura fuera de límites de strncpy() que puede llevar a la ejecución de código arbitrario Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use these issues to cause Gnuplot to experience a buffer overflow, resulting in a deni... • https://sourceforge.net/p/gnuplot/bugs/2303 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25559 – Ubuntu Security Notice USN-7589-1
https://notcve.org/view.php?id=CVE-2020-25559
16 Sep 2020 — gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution. gnuplot versión 5.5, está afectado por una doble liberación cuando se ejecutar la función print_set_output. Esto puede resultar en una ejecución de código arbitraria dependiendo del contexto Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use these issues to cause Gnuplot... • https://sourceforge.net/p/gnuplot/bugs/2312 • CWE-415: Double Free •