cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-26157,https://securityvulnerability.io/vulnerability/CVE-2023-26157,Denial of Service Vulnerability in LibreDWG Library,"A vulnerability exists in the LibreDWG library that can lead to Denial of Service due to an out-of-bounds read condition found in the decode_r2007.c file. This flaw can result in unintended behavior, potentially causing service disruptions when users attempt to process certain types of data. It is essential for users of the affected versions to apply the necessary patches and updates to mitigate any risks associated with this vulnerability.",Gnu,Libredwg,5.5,MEDIUM,0.0006300000241026282,false,false,false,false,,false,false,2024-01-02T05:15:00.000Z,0
CVE-2023-36271,https://securityvulnerability.io/vulnerability/CVE-2023-36271,Heap Buffer Overflow in LibreDWG Affects Multiple Versions,"LibreDWG v0.12.5 is affected by a heap buffer overflow vulnerability identified in the function bit_wcs2nlen within bits.c. This flaw can potentially allow an attacker to exploit certain input conditions, leading to unexpected behavior or data corruption. It is critical for users of this version to assess the risk and apply necessary patches or mitigation strategies as they become available.",Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,false,false,false,,false,false,2023-06-23T00:00:00.000Z,0
CVE-2023-36272,https://securityvulnerability.io/vulnerability/CVE-2023-36272,Heap Buffer Overflow in LibreDWG Affects Multiple Versions,"A heap buffer overflow has been identified in LibreDWG v0.12.5, specifically within the function bit_utf8_to_TU in bits.c. This vulnerability could potentially allow an attacker to execute arbitrary code or crash the application when processing specially crafted input.",Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,false,false,false,,false,false,2023-06-23T00:00:00.000Z,0
CVE-2023-36274,https://securityvulnerability.io/vulnerability/CVE-2023-36274,Heap Buffer Overflow in LibreDWG Software by LibreDWG,"LibreDWG v0.12.5 has been identified to have a vulnerability that allows for a heap buffer overflow. This issue arises specifically in the function bit_write_TF located in the bits.c file, which could be exploited to manipulate memory inappropriately, potentially leading to unexpected application behavior or system compromise. Users of this version are advised to take action to mitigate possible risks.",Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,false,false,false,,false,false,2023-06-23T00:00:00.000Z,0
CVE-2023-36273,https://securityvulnerability.io/vulnerability/CVE-2023-36273,Heap Buffer Overflow in LibreDWG Affects LibreDWG v0.12.5,"LibreDWG v0.12.5 contains a vulnerability that allows attackers to exploit a heap buffer overflow through the function bit_calc_CRC in the bits.c source file. This flaw can potentially lead to arbitrary code execution, making it crucial for users to update to the latest version to mitigate risks associated with this vulnerability.",Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,false,false,false,,false,false,2023-06-23T00:00:00.000Z,0
CVE-2023-25222,https://securityvulnerability.io/vulnerability/CVE-2023-25222,Heap-Based Buffer Overflow Vulnerability in GNU LibreDWG,"A heap-based buffer overflow vulnerability has been identified in GNU LibreDWG version 0.12.5, specifically within the bit_read_RC function found in bits.c. This vulnerability could allow an attacker to execute arbitrary code or cause a denial of service, potentially compromising the security and integrity of affected systems. It is crucial for users of GNU LibreDWG to apply the necessary patches or updates to mitigate the risk associated with this vulnerability.",Gnu,Libredwg,8.8,HIGH,0.0027199999894946814,false,false,false,false,,false,false,2023-03-01T00:00:00.000Z,0
CVE-2022-45332,https://securityvulnerability.io/vulnerability/CVE-2022-45332,,LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.,Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2022-11-30T00:00:00.000Z,0
CVE-2022-35164,https://securityvulnerability.io/vulnerability/CVE-2022-35164,,LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.,Gnu,Libredwg,9.8,CRITICAL,0.0026400000788271427,false,false,false,false,,false,false,2022-08-18T04:49:05.000Z,0
CVE-2022-33024,https://securityvulnerability.io/vulnerability/CVE-2022-33024,,"There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608.",Gnu,Libredwg,7.5,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2022-06-23T17:15:00.000Z,0
CVE-2022-33033,https://securityvulnerability.io/vulnerability/CVE-2022-33033,,LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.,Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2022-06-23T17:15:00.000Z,0
CVE-2022-33028,https://securityvulnerability.io/vulnerability/CVE-2022-33028,,LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.,Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2022-06-23T17:15:00.000Z,0
CVE-2022-33027,https://securityvulnerability.io/vulnerability/CVE-2022-33027,,LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.,Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2022-06-23T17:15:00.000Z,0
CVE-2022-33032,https://securityvulnerability.io/vulnerability/CVE-2022-33032,,LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.,Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2022-06-23T17:15:00.000Z,0
CVE-2022-33025,https://securityvulnerability.io/vulnerability/CVE-2022-33025,,LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.,Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2022-06-23T17:15:00.000Z,0
CVE-2022-33026,https://securityvulnerability.io/vulnerability/CVE-2022-33026,,LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.,Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2022-06-23T17:15:00.000Z,0
CVE-2022-33034,https://securityvulnerability.io/vulnerability/CVE-2022-33034,,LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.,Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2022-06-22T13:33:38.000Z,0
CVE-2021-42586,https://securityvulnerability.io/vulnerability/CVE-2021-42586,,A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.,Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,false,false,false,,false,false,2022-05-23T10:39:30.000Z,0
CVE-2021-42585,https://securityvulnerability.io/vulnerability/CVE-2021-42585,,A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.,Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,false,false,false,,false,false,2022-05-23T10:35:43.000Z,0
CVE-2021-45950,https://securityvulnerability.io/vulnerability/CVE-2021-45950,,LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).,Gnu,Libredwg,6.5,MEDIUM,0.0011399999493733048,false,false,false,false,,false,false,2022-01-01T00:15:00.000Z,0
CVE-2021-28237,https://securityvulnerability.io/vulnerability/CVE-2021-28237,,LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13.,Gnu,Libredwg,9.8,CRITICAL,0.003269999986514449,false,false,false,false,,false,false,2021-12-02T21:47:40.000Z,0
CVE-2021-28236,https://securityvulnerability.io/vulnerability/CVE-2021-28236,,LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c.,Gnu,Libredwg,7.5,HIGH,0.0008999999845400453,false,false,false,false,,false,false,2021-12-02T21:47:39.000Z,0
CVE-2021-39525,https://securityvulnerability.io/vulnerability/CVE-2021-39525,,An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow.,Gnu,Libredwg,8.8,HIGH,0.0020699999295175076,false,false,false,false,,false,false,2021-09-20T15:28:33.000Z,0
CVE-2021-39523,https://securityvulnerability.io/vulnerability/CVE-2021-39523,,An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.,Gnu,Libredwg,6.5,MEDIUM,0.000699999975040555,false,false,false,false,,false,false,2021-09-20T15:26:51.000Z,0
CVE-2021-39527,https://securityvulnerability.io/vulnerability/CVE-2021-39527,,An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow.,Gnu,Libredwg,8.8,HIGH,0.0020699999295175076,false,false,false,false,,false,false,2021-09-20T15:26:50.000Z,0
CVE-2021-39528,https://securityvulnerability.io/vulnerability/CVE-2021-39528,,An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free.,Gnu,Libredwg,8.8,HIGH,0.002520000096410513,false,false,false,false,,false,false,2021-09-20T15:26:49.000Z,0