Vendor CVEs
LibreDWG
All CVEs
62 total · sorted by risk

| CVE | Sev | Risk | CVSS | EPSS | Published | Description | Vendor / Product | KEV |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-35164 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2022 | LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain. | ||
| CVE-2021-28237 | Cri | 0.64 | 9.8 | 0.01 | Dec 2, 2021 | LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13. | ||
| CVE-2019-9775 | Cri | 0.59 | 9.1 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec. | ||
| CVE-2019-9774 | Cri | 0.59 | 9.1 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c. | ||
| CVE-2023-36273 | Hig | 0.57 | 8.8 | 0.01 | Jun 23, 2023 | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | ||
| CVE-2021-42586 | Hig | 0.57 | 8.8 | 0.01 | May 23, 2022 | A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | ||
| CVE-2021-42585 | Hig | 0.57 | 8.8 | 0.01 | May 23, 2022 | A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | ||
| CVE-2021-39530 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2021 | An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow. | ||
| CVE-2021-39528 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2021 | An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free. | ||
| CVE-2021-39527 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2021 | An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow. | ||
| CVE-2021-39525 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2021 | An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow. | ||
| CVE-2021-39522 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2021 | An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow. | ||
| CVE-2020-21830 | Hig | 0.57 | 8.8 | 0.01 | May 17, 2021 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213. | ||
| CVE-2019-20914 | Cri | 0.57 | 9.8 | 0.02 | Jul 16, 2020 | An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec. | ||
| CVE-2019-20014 | Hig | 0.57 | 8.8 | 0.01 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. | ||
| CVE-2019-20010 | Hig | 0.57 | 8.8 | 0.01 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. | ||
| CVE-2020-6613 | Hig | 0.53 | 8.1 | 0.02 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. | ||
| CVE-2022-45332 | Hig | 0.51 | 7.8 | 0.00 | Nov 30, 2022 | LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | ||
| CVE-2022-33034 | Hig | 0.51 | 7.8 | 0.01 | Jun 23, 2022 | LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. | ||
| CVE-2022-33033 | Hig | 0.51 | 7.8 | 0.01 | Jun 23, 2022 | LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. | ||
| CVE-2022-33032 | Hig | 0.51 | 7.8 | 0.01 | Jun 23, 2022 | LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c. | ||
| CVE-2022-33028 | Hig | 0.51 | 7.8 | 0.01 | Jun 23, 2022 | LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c. | ||
| CVE-2022-33027 | Hig | 0.51 | 7.8 | 0.01 | Jun 23, 2022 | LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c. | ||
| CVE-2022-33026 | Hig | 0.51 | 7.8 | 0.01 | Jun 23, 2022 | LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | ||
| CVE-2022-33025 | Hig | 0.51 | 7.8 | 0.01 | Jun 23, 2022 | LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c. | ||
| CVE-2020-21827 | Hig | 0.51 | 7.8 | 0.01 | May 17, 2021 | A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379. | ||
| CVE-2022-33024 | Hig | 0.49 | 7.5 | 0.01 | Jun 23, 2022 | There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608. | ||
| CVE-2021-28236 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2021 | LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c. | ||
| CVE-2019-9779 | Hig | 0.49 | 7.5 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776). | ||
| CVE-2019-9778 | Hig | 0.49 | 7.5 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec. | ||
| CVE-2019-9777 | Hig | 0.49 | 7.5 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec. | ||
| CVE-2019-9776 | Hig | 0.49 | 7.5 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779). | ||
| CVE-2019-9773 | Hig | 0.49 | 7.5 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension. | ||
| CVE-2019-9772 | Hig | 0.49 | 7.5 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec. | ||
| CVE-2019-9771 | Hig | 0.49 | 7.5 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c. | ||
| CVE-2019-9770 | Hig | 0.49 | 7.5 | 0.03 | Mar 14, 2019 | An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension. | ||
| CVE-2018-14444 | Hig | 0.49 | 7.5 | 0.01 | Jul 20, 2018 | libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash. | ||
| CVE-2019-20913 | Hig | 0.46 | 8.1 | 0.01 | Jul 16, 2020 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec. | ||
| CVE-2025-61154 | Med | 0.42 | 6.5 | 0.00 | Mar 12, 2026 | Heap buffer overflow vulnerability in LibreDWG versions v0.13.3.7571 up to v0.13.3.7835 allows a crafted DWG file to cause a Denial of Service (DoS) via the function decompress_R2004_section at decode.c. | ||
| CVE-2021-45950 | Med | 0.42 | 6.5 | 0.01 | Jan 1, 2022 | LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). | ||
| CVE-2021-39523 | Med | 0.42 | 6.5 | 0.01 | Sep 20, 2021 | An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service. | ||
| CVE-2021-39521 | Med | 0.42 | 6.5 | 0.01 | Sep 20, 2021 | An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service. | ||
| CVE-2020-15807 | Med | 0.42 | 6.5 | 0.01 | Jul 17, 2020 | GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files. | ||
| CVE-2020-6615 | Med | 0.42 | 6.5 | 0.02 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | ||
| CVE-2020-6610 | Med | 0.42 | 6.5 | 0.01 | Jan 8, 2020 | GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | ||
| CVE-2019-20013 | Med | 0.42 | 6.5 | 0.01 | Dec 27, 2019 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | ||
| CVE-2026-9605 | Hig | 0.40 | 7.3 | 0.00 | May 27, 2026 | A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been… | ||
| CVE-2020-23861 | Med | 0.36 | 5.5 | 0.01 | May 18, 2021 | A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file. | ||
| CVE-2018-14471 | Med | 0.35 | 6.5 | 0.01 | Jul 20, 2018 | dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file. | ||
| CVE-2018-14443 | Med | 0.35 | 6.5 | 0.01 | Jul 20, 2018 | get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV). |
Page 1 of 2