CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2021-45342
https://notcve.org/view.php?id=CVE-2021-45342
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. Una vulnerabilidad de desbordamiento de búfer en CDataList del componente jwwlib de LibreCAD versiones 2.2.0-rc3 y anteriores, permite a un atacante lograr una Ejecución de Código Remota usando un documento JWW diseñado • https://github.com/LibreCAD/LibreCAD/issues/1464 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCC2FZ6HZOIK3775K4MTCOUHX6PLGPEL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUMH3CWGVSMR2UIZEA35Q5UB7PDVVVYS https://security.gentoo.org/glsa/202305-26 https://www.debian.org/security/2022/dsa-5077 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 1CVE-2021-45341
https://notcve.org/view.php?id=CVE-2021-45341
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. Una vulnerabilidad de desbordamiento de búfer en CDataMoji del componente jwwlib de LibreCAD versiones 2.2.0-rc3 y anteriores, permite a un atacante lograr la Ejecución de Código Remota usando un documento JWW diseñado • https://github.com/LibreCAD/LibreCAD/issues/1462 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCC2FZ6HZOIK3775K4MTCOUHX6PLGPEL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUMH3CWGVSMR2UIZEA35Q5UB7PDVVVYS https://security.gentoo.org/glsa/202305-26 https://www.debian.org/security/2022/dsa-5077 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19105
https://notcve.org/view.php?id=CVE-2018-19105
LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file. LibreCAD 2.1.3 permite a los atacantes remotos causar una denegación de servicio (violación de acceso de escritura 0x89C04589 y cierre inesperado de la aplicación) o, posiblemente, provocar un impacto de otro tipo no especificado a través de un archivo manipulado. • https://code610.blogspot.com/2018/11/crashing-librecad-213.html https://lists.debian.org/debian-lts-announce/2019/05/msg00005.html • CWE-787: Out-of-bounds Write •