CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30259
https://notcve.org/view.php?id=CVE-2023-30259
28 Jun 2023 — A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file. • https://github.com/LibreCAD/LibreCAD/issues/1481 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 1%CPEs: 8EXPL: 1CVE-2021-45341 – Gentoo Linux Security Advisory 202305-26
https://notcve.org/view.php?id=CVE-2021-45341
25 Jan 2022 — A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. Una vulnerabilidad de desbordamiento de búfer en CDataMoji del componente jwwlib de LibreCAD versiones 2.2.0-rc3 y anteriores, permite a un atacante lograr la Ejecución de Código Remota usando un documento JWW diseñado Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use... • https://github.com/LibreCAD/LibreCAD/issues/1462 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 1CVE-2021-45342 – Gentoo Linux Security Advisory 202305-26
https://notcve.org/view.php?id=CVE-2021-45342
25 Jan 2022 — A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. Una vulnerabilidad de desbordamiento de búfer en CDataList del componente jwwlib de LibreCAD versiones 2.2.0-rc3 y anteriores, permite a un atacante lograr una Ejecución de Código Remota usando un documento JWW diseñado Multiple security issues were discovered in LibreCAD, an application for computer aided design (CAD) which co... • https://github.com/LibreCAD/LibreCAD/issues/1464 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2021-45343 – Gentoo Linux Security Advisory 202305-26
https://notcve.org/view.php?id=CVE-2021-45343
25 Jan 2022 — In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document. En LibreCAD versión 2.2.0, una desreferencia de puntero NULL en el manejo de HATCH de libdxfrw permite a un atacante bloquear la aplicación usando un documento DXF diseñado Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. Thi... • https://github.com/LibreCAD/LibreCAD/issues/1468 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-21898 – Gentoo Linux Security Advisory 202305-26
https://notcve.org/view.php?id=CVE-2021-21898
19 Nov 2021 — A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código en la funcionalidad dwgCompressor::decompress18() de LibreCad libdxfrw versión 2.2.0-rc2-19-ge02f3580. Un archivo .dwg especialmente diseñado puede conllevar a una escritura fuera de lím... • https://lists.debian.org/debian-lts-announce/2021/12/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-21899 – Gentoo Linux Security Advisory 202305-26
https://notcve.org/view.php?id=CVE-2021-21899
19 Nov 2021 — A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código en la funcionalidad dwgCompressor::copyCompBytes21 de LibreCad libdxfrw versión 2.2.0-rc2-19-ge02f3580. Un archivo .dwg especialmente diseñado puede conllevar a un desbordamiento del bú... • https://lists.debian.org/debian-lts-announce/2021/12/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-21900 – Gentoo Linux Security Advisory 202305-26
https://notcve.org/view.php?id=CVE-2021-21900
19 Nov 2021 — A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código en la funcionalidad dxfRW::processLType() de LibreCad libdxfrw versión 2.2.0-rc2-19-ge02f3580. Un archivo .dxf especialmente diseñado puede conllevar a una vulnerabilidad de uso de memor... • https://lists.debian.org/debian-lts-announce/2021/12/msg00002.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19105 – Ubuntu Security Notice USN-5957-1
https://notcve.org/view.php?id=CVE-2018-19105
08 Nov 2018 — LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file. LibreCAD 2.1.3 permite a los atacantes remotos causar una denegación de servicio (violación de acceso de escritura 0x89C04589 y cierre inesperado de la aplicación) o, posiblemente, provocar un impacto de otro tipo no especificado a través de un archivo manipulado. Cody Sixteen discovered that LibreCAD incorrectly handled m... • https://code610.blogspot.com/2018/11/crashing-librecad-213.html • CWE-787: Out-of-bounds Write •