cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-26157,https://securityvulnerability.io/vulnerability/CVE-2023-26157,Denial of Service Vulnerability in LibreDWG Library,"A vulnerability exists in the LibreDWG library that can lead to Denial of Service due to an out-of-bounds read condition found in the decode_r2007.c file. This flaw can result in unintended behavior, potentially causing service disruptions when users attempt to process certain types of data. It is essential for users of the affected versions to apply the necessary patches and updates to mitigate any risks associated with this vulnerability.",Gnu,Libredwg,5.5,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-01-02T05:15:00.000Z,0
CVE-2023-36274,https://securityvulnerability.io/vulnerability/CVE-2023-36274,Heap Buffer Overflow in LibreDWG Software by LibreDWG,"LibreDWG v0.12.5 has been identified to have a vulnerability that allows for a heap buffer overflow. This issue arises specifically in the function bit_write_TF located in the bits.c file, which could be exploited to manipulate memory inappropriately, potentially leading to unexpected application behavior or system compromise. Users of this version are advised to take action to mitigate possible risks.",Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,,false,false,false,,,false,false,,2023-06-23T00:00:00.000Z,0
CVE-2023-36273,https://securityvulnerability.io/vulnerability/CVE-2023-36273,Heap Buffer Overflow in LibreDWG Affects LibreDWG v0.12.5,"LibreDWG v0.12.5 contains a vulnerability that allows attackers to exploit a heap buffer overflow through the function bit_calc_CRC in the bits.c source file. This flaw can potentially lead to arbitrary code execution, making it crucial for users to update to the latest version to mitigate risks associated with this vulnerability.",Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,,false,false,false,,,false,false,,2023-06-23T00:00:00.000Z,0
CVE-2023-36272,https://securityvulnerability.io/vulnerability/CVE-2023-36272,Heap Buffer Overflow in LibreDWG Affects Multiple Versions,"A heap buffer overflow has been identified in LibreDWG v0.12.5, specifically within the function bit_utf8_to_TU in bits.c. This vulnerability could potentially allow an attacker to execute arbitrary code or crash the application when processing specially crafted input.",Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,,false,false,false,,,false,false,,2023-06-23T00:00:00.000Z,0
CVE-2023-36271,https://securityvulnerability.io/vulnerability/CVE-2023-36271,Heap Buffer Overflow in LibreDWG Affects Multiple Versions,"LibreDWG v0.12.5 is affected by a heap buffer overflow vulnerability identified in the function bit_wcs2nlen within bits.c. This flaw can potentially allow an attacker to exploit certain input conditions, leading to unexpected behavior or data corruption. It is critical for users of this version to assess the risk and apply necessary patches or mitigation strategies as they become available.",Gnu,Libredwg,8.8,HIGH,0.0021299999207258224,false,,false,false,false,,,false,false,,2023-06-23T00:00:00.000Z,0
CVE-2023-25222,https://securityvulnerability.io/vulnerability/CVE-2023-25222,Heap-Based Buffer Overflow Vulnerability in GNU LibreDWG,"A heap-based buffer overflow vulnerability has been identified in GNU LibreDWG version 0.12.5, specifically within the bit_read_RC function found in bits.c. This vulnerability could allow an attacker to execute arbitrary code or cause a denial of service, potentially compromising the security and integrity of affected systems. It is crucial for users of GNU LibreDWG to apply the necessary patches or updates to mitigate the risk associated with this vulnerability.",Gnu,Libredwg,8.8,HIGH,0.0027199999894946814,false,,false,false,false,,,false,false,,2023-03-01T00:00:00.000Z,0
CVE-2022-45332,https://securityvulnerability.io/vulnerability/CVE-2022-45332,Heap Buffer Overflow Vulnerability in LibreDWG by LibreDWG,"A heap buffer overflow was identified in LibreDWG version 0.12.4.4643, particularly within the function decode_preR13_section_hdr at decode_r11.c. This flaw can potentially lead to memory corruption, which may allow an attacker to execute arbitrary code or cause unexpected behavior in the application. Users of affected versions should apply updates or patches as they become available to mitigate this security risk.",Gnu,Libredwg,7.8,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2022-11-30T00:00:00.000Z,0
CVE-2022-35164,https://securityvulnerability.io/vulnerability/CVE-2022-35164,Heap Use-After-Free Vulnerability in LibreDWG by LibreDWG,"A heap use-after-free vulnerability was identified in LibreDWG, allowing potential exploitation through improper memory management within the function bit_copy_chain. This security flaw could lead to unexpected behavior or crashes when processing certain input, posing risks to the integrity and availability of the software. Users are advised to review the issue and apply necessary updates.",Gnu,Libredwg,9.8,CRITICAL,0.0026400000788271427,false,,false,false,false,,,false,false,,2022-08-18T04:49:05.000Z,0
CVE-2022-33028,https://securityvulnerability.io/vulnerability/CVE-2022-33028,Heap Buffer Overflow in LibreDWG Affects Multiple Versions,"A heap buffer overflow vulnerability has been identified in LibreDWG v0.12.4.4608 within the function dwg_add_object in decode.c. This flaw can potentially allow an attacker to execute arbitrary code or disrupt application services, making it crucial for users and administrators to apply relevant patches and security updates.",Gnu,Libredwg,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-33032,https://securityvulnerability.io/vulnerability/CVE-2022-33032,Heap Buffer Overflow in LibreDWG Affects Security of Drawings,"A heap buffer overflow vulnerability has been found in LibreDWG v0.12.4.4608, specifically in the function decode_preR13_section_hdr located in decode_r11.c. This flaw could potentially allow attackers to manipulate memory allocation, leading to arbitrary code execution or crashes, compromising the integrity and availability of systems using this software.",Gnu,Libredwg,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-33033,https://securityvulnerability.io/vulnerability/CVE-2022-33033,Double-Free Vulnerability in LibreDWG by LibreDWG,"LibreDWG v0.12.4.4608 has been identified to have a double-free vulnerability within the dwg_read_file function in dwg.c. This flaw may allow attackers to manipulate memory management, leading to unexpected behaviors or potential exploitation of the application. It is crucial for users to remain vigilant and update to the patched versions to mitigate any associated risks.",Gnu,Libredwg,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-33027,https://securityvulnerability.io/vulnerability/CVE-2022-33027,Heap Use-After-Free Vulnerability in LibreDWG Software by LibreDWG,"A heap-use-after-free vulnerability was identified in LibreDWG v0.12.4.4608, specifically within the dwg_add_handleref function located in dwg.c. This flaw can potentially allow an attacker to exploit the system memory, leading to unpredictable behavior and security risks. Users are advised to review their installations and consider applying necessary mitigations.",Gnu,Libredwg,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-33024,https://securityvulnerability.io/vulnerability/CVE-2022-33024,Assertion Failure in libredwg Affects Multiple Applications,"A vulnerability has been identified in libredwg, where an assertion failure occurs in the function 'decode_preR13_entities' at line 5801 of decode.c. This issue could impact applications using this library, leading to potential disruptions or security risks. It is crucial for users and developers relying on libredwg to assess their current versions and apply relevant patches or updates to mitigate this issue.",Gnu,Libredwg,7.5,HIGH,0.0007900000200606883,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-33025,https://securityvulnerability.io/vulnerability/CVE-2022-33025,Heap Use-After-Free Vulnerability in LibreDWG Affected by Function Flaw,"A heap-use-after-free vulnerability has been identified in LibreDWG version 0.12.4.4608. This issue arises from a flaw in the function decode_preR13_section located in the decode_r11.c file. If exploited, this vulnerability could allow an attacker to manipulate memory in a way that could lead to unexpected behaviors or system crashes, posing a risk to the integrity of systems utilizing this software.",Gnu,Libredwg,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-33026,https://securityvulnerability.io/vulnerability/CVE-2022-33026,Heap Buffer Overflow in LibreDWG Affects Open Source CAD Software,"A serious heap buffer overflow vulnerability was identified in LibreDWG version 0.12.4.4608. The issue arises from the function bit_calc_CRC located in bits.c, which fails to properly handle memory, potentially allowing attackers to write outside the allocated buffer. This flaw could lead to data corruption or provide an opportunity for malicious code execution, posing a significant risk to users of the software.",Gnu,Libredwg,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2022-06-23T17:15:00.000Z,0
CVE-2022-33034,https://securityvulnerability.io/vulnerability/CVE-2022-33034,Stack Overflow Vulnerability in LibreDWG by LibreDWG,"A stack overflow vulnerability has been identified in LibreDWG v0.12.4.4608. This issue occurs within the 'copy_bytes' function located in decode_r2007.c, allowing attackers to potentially exploit the flaw for arbitrary code execution and affect the stability of the application. As such, it's critical for users to seek updates and ensure their installations are secure.",Gnu,Libredwg,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2022-06-22T13:33:38.000Z,0
CVE-2021-42586,https://securityvulnerability.io/vulnerability/CVE-2021-42586,Heap Buffer Overflow Vulnerability in LibreDWG Affected by Malicious DWG Files,"A heap buffer overflow vulnerability exists in the `copy_bytes` function within the `decode_r2007.c` file of LibreDWG. This flaw can be exploited by an attacker through the use of a specially crafted DWG file, leading to potential arbitrary code execution or system instability. Users are advised to upgrade to the latest version, 0.12.4 or later, to mitigate the risks associated with this vulnerability.",Gnu,Libredwg,8.8,HIGH,0.0029299999587237835,false,,false,false,false,,,false,false,,2022-05-23T10:39:30.000Z,0
CVE-2021-42585,https://securityvulnerability.io/vulnerability/CVE-2021-42585,Heap Buffer Overflow in dwgread with Affected Vendor LibreDWG,"A heap buffer overflow vulnerability was identified in the dwgread component of LibreDWG. This flaw occurs in the copy_compressed_bytes function within the decode_r2007.c file, allowing an attacker to exploit this issue by utilizing a specially crafted DWG file. Successful exploitation could lead to unintended consequences, including disruption of service or execution of arbitrary code.",Gnu,Libredwg,8.8,HIGH,0.0029299999587237835,false,,false,false,false,,,false,false,,2022-05-23T10:35:43.000Z,0
CVE-2021-45950,https://securityvulnerability.io/vulnerability/CVE-2021-45950,Out-of-Bounds Write Vulnerability in LibreDWG Affects Multiple Versions,"LibreDWG versions 0.12.4.4313 through 0.12.4.4367 suffer from an out-of-bounds write vulnerability in the dwg_free_BLOCK_private function. This flaw can potentially lead to memory corruption, enabling attackers to exploit the software inadvertently, thus compromising the application's security and stability. Timely patching of the affected versions is strongly advised to mitigate potential security risks.",Gnu,Libredwg,6.5,MEDIUM,0.0011399999493733048,false,,false,false,false,,,false,false,,2022-01-01T00:15:00.000Z,0
CVE-2021-28237,https://securityvulnerability.io/vulnerability/CVE-2021-28237,Heap-Buffer Overflow in LibreDWG Affects Your Data Security,"LibreDWG version 0.12.3 is susceptible to a heap-buffer overflow vulnerability that occurs during the decode_preR13 function. This vulnerability can potentially lead to unexpected behavior, including data corruption or unauthorized access to system memory. Users of affected versions are advised to monitor their systems closely and apply relevant patches to mitigate the risks associated with this security flaw.",Gnu,Libredwg,9.8,CRITICAL,0.003269999986514449,false,,false,false,false,,,false,false,,2021-12-02T21:47:40.000Z,0
CVE-2021-28236,https://securityvulnerability.io/vulnerability/CVE-2021-28236,NULL Pointer Dereference Vulnerability in LibreDWG by LibreDWG,"LibreDWG v0.12.3 was found to be susceptible to a NULL pointer dereference, particularly in the out_dxfb.c file. This type of vulnerability occurs when a program attempts to access an object or variable that has not been initialized, which can lead to unexpected behaviors or crashes. As a result, this could compromise the stability and reliability of applications leveraging LibreDWG, requiring immediate attention to maintain system integrity and security.",Gnu,Libredwg,7.5,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2021-12-02T21:47:39.000Z,0
CVE-2021-39525,https://securityvulnerability.io/vulnerability/CVE-2021-39525,Heap-Based Buffer Overflow in libredwg Affects LibreDWG Software,"A buffer overflow vulnerability has been identified in LibreDWG's libredwg library, specifically in the bit_read_fixed() function located within bits.c. This issue allows for a heap-based buffer overflow which can potentially lead to unauthorized data manipulation or compromise of system integrity, affecting versions before v0.10.1.3751. Users of affected versions are encouraged to update to the latest releases as a precautionary measure.",Gnu,Libredwg,8.8,HIGH,0.0024999999441206455,false,,false,false,false,,,false,false,,2021-09-20T15:28:33.000Z,0
CVE-2021-39523,https://securityvulnerability.io/vulnerability/CVE-2021-39523,NULL Pointer Dereference in libredwg Affects LibreDWG Software,"A NULL pointer dereference vulnerability exists in the libredwg library, particularly within the check_POLYLINE_handles() function in decode.c. This flaw allows attackers to exploit the system, which may lead to Denial of Service, ultimately disrupting service availability for users. It's essential for users of affected versions to implement security measures to mitigate potential risks.",Gnu,Libredwg,6.5,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2021-09-20T15:26:51.000Z,0
CVE-2021-39527,https://securityvulnerability.io/vulnerability/CVE-2021-39527,Heap-based Buffer Overflow in LibreDWG Affects Multiple Versions,"A serious vulnerability has been identified in LibreDWG, specifically in the appinfo_private() function within decode.c. This issue allows for a heap-based buffer overflow, which could be exploited by attackers to execute arbitrary code or crash the application, leading to potential data breaches or system compromises. Users of affected versions should prioritize updating to mitigate any associated risks.",Gnu,Libredwg,8.8,HIGH,0.0024999999441206455,false,,false,false,false,,,false,false,,2021-09-20T15:26:50.000Z,0
CVE-2021-39528,https://securityvulnerability.io/vulnerability/CVE-2021-39528,Double Free Vulnerability in LibreDWG Affects Multiple Versions,"A double free vulnerability in the dwg_free_MATERIAL_private() function of LibreDWG has been identified, which may allow attackers to exploit memory management issues. The flaw can lead to potential crashes or manipulation of an affected system, especially when handling specific DWG files.",Gnu,Libredwg,8.8,HIGH,0.0030499999411404133,false,,false,false,false,,,false,false,,2021-09-20T15:26:49.000Z,0