# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2022-33034 |
787 |
|
Overflow |
2022-06-23 |
2022-06-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. |
2 |
CVE-2022-33033 |
415 |
|
|
2022-06-23 |
2022-06-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. |
3 |
CVE-2022-33032 |
787 |
|
Overflow |
2022-06-23 |
2023-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c. |
4 |
CVE-2022-33028 |
787 |
|
Overflow |
2022-06-23 |
2023-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c. |
5 |
CVE-2022-33027 |
416 |
|
|
2022-06-23 |
2023-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c. |
6 |
CVE-2022-33026 |
787 |
|
Overflow |
2022-06-23 |
2023-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. |
7 |
CVE-2022-33025 |
416 |
|
|
2022-06-23 |
2023-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c. |
8 |
CVE-2021-45078 |
787 |
|
DoS Overflow |
2021-12-15 |
2022-09-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. |
9 |
CVE-2021-44227 |
352 |
|
CSRF |
2021-12-02 |
2022-12-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes. |
10 |
CVE-2021-43414 |
863 |
|
|
2021-11-07 |
2021-11-09 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access. |
11 |
CVE-2021-42586 |
787 |
|
Overflow |
2022-05-23 |
2022-05-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. |
12 |
CVE-2021-42585 |
787 |
|
Overflow |
2022-05-23 |
2022-05-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. |
13 |
CVE-2021-39537 |
787 |
|
Overflow |
2021-09-20 |
2022-12-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. |
14 |
CVE-2021-39530 |
787 |
|
Overflow |
2021-09-20 |
2021-09-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow. |
15 |
CVE-2021-39528 |
415 |
|
|
2021-09-20 |
2021-09-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free. |
16 |
CVE-2021-39527 |
787 |
|
Overflow |
2021-09-20 |
2021-09-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow. |
17 |
CVE-2021-39525 |
787 |
|
Overflow |
2021-09-20 |
2021-09-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow. |
18 |
CVE-2021-39522 |
787 |
|
Overflow |
2021-09-20 |
2021-09-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow. |
19 |
CVE-2021-38185 |
190 |
|
Exec Code Overflow |
2021-08-08 |
2021-08-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. |
20 |
CVE-2021-37322 |
416 |
|
|
2021-11-18 |
2021-12-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. |
21 |
CVE-2021-36080 |
415 |
|
|
2021-07-01 |
2021-07-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object). |
22 |
CVE-2021-35942 |
190 |
|
DoS |
2021-07-22 |
2022-11-08 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations. |
23 |
CVE-2021-30184 |
120 |
|
Exec Code Overflow |
2021-04-07 |
2022-05-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc. |
24 |
CVE-2021-20294 |
787 |
|
Overflow |
2021-04-29 |
2022-11-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. |
25 |
CVE-2021-3696 |
787 |
|
Exec Code |
2022-07-06 |
2022-10-28 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. |
26 |
CVE-2020-27779 |
|
|
|
2021-03-03 |
2022-10-21 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
27 |
CVE-2020-21844 |
|
|
Exec Code |
2021-05-17 |
2021-05-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. |
28 |
CVE-2020-21843 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318. |
29 |
CVE-2020-21842 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051. |
30 |
CVE-2020-21841 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135. |
31 |
CVE-2020-21840 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985. |
32 |
CVE-2020-21838 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842. |
33 |
CVE-2020-21836 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175. |
34 |
CVE-2020-21833 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440. |
35 |
CVE-2020-21832 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417. |
36 |
CVE-2020-21831 |
787 |
|
Overflow |
2021-05-17 |
2021-05-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637. |
37 |
CVE-2020-21830 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213. |
38 |
CVE-2020-21827 |
787 |
|
Overflow |
2021-05-17 |
2022-10-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379. |
39 |
CVE-2020-21819 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51. |
40 |
CVE-2020-21818 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48. |
41 |
CVE-2020-21816 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46. |
42 |
CVE-2020-21814 |
787 |
|
Overflow |
2021-05-17 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlwescape ../../programs/escape.c:97. |
43 |
CVE-2020-21813 |
787 |
|
Overflow |
2021-05-17 |
2021-05-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114. |
44 |
CVE-2020-14372 |
184 |
|
Exec Code |
2021-03-03 |
2022-07-22 |
6.2 |
None |
Local |
High |
Not required |
Complete |
Complete |
Complete |
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. |
45 |
CVE-2020-6609 |
125 |
|
|
2020-01-08 |
2022-09-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. |
46 |
CVE-2020-6096 |
195 |
|
Exec Code |
2020-04-01 |
2022-11-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data. |
47 |
CVE-2019-1010180 |
119 |
|
Exec Code Overflow |
2019-07-24 |
2021-07-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet. |
48 |
CVE-2019-1010023 |
|
|
Exec Code |
2019-07-15 |
2020-11-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat." |
49 |
CVE-2019-20912 |
787 |
|
Overflow |
2020-07-16 |
2020-07-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF. |
50 |
CVE-2019-20433 |
125 |
|
|
2020-01-27 |
2020-01-31 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable. |