Reini Urban

21 exploits Active since Jul 2020
CVE-2026-9605 WRITEUP HIGH
GNU libredwg Dwgbmp Utility bits.c bit_read_RC heap-based overflow
A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. Manipulation causes a heap-based buffer overflow. The attack can be carried out remotely. The exploit has been published and may be used. Patch name: 8f03865f37f5d4ffd616fef802acc980be54d300. Applying a patch is the recommended action to fix this issue.
CVSS 7.3
CVE-2026-9530 WRITEUP LOW
GNU LibreDWG Dwgbmp Utility decode.c read_2004_compressed_section out-of-bounds
A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgbmp Utility. Manipulation can lead to an out-of-bounds read. The attack requires local access. The exploit has been made available to the public and could be used for attacks. This patch is called 8f03865f37f5d4ffd616fef802acc980be54d300. It is advisable to implement a patch to correct this issue.
CVSS 3.3
CVE-2026-9501 WRITEUP LOW
GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section assertion
A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. Manipulation can lead to a reachable assertion. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. This patch is called e501cb9926c1e9a07a0d1cc997f3e69e9be801c9. A patch should be applied to remediate this issue.
CVSS 3.3
CVE-2026-9502 WRITEUP MEDIUM
GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section heap-based overflow
A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to a heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is e501cb9926c1e9a07a0d1cc997f3e69e9be801c9. To fix this issue, it is recommended to deploy a patch.
CVSS 5.3
CVE-2026-9503 WRITEUP LOW
GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference
A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwg_next_entity of the file src/decode.c of the component DWG File Handler. The manipulation results in a null pointer dereference. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. The patch is identified as 8f03865f37f5d4ffd616fef802acc980be54d300. Upgrading the affected component is advised.
CVSS 3.3
CVE-2026-9504 WRITEUP LOW
GNU LibreDWG Dwggrep Utility dwggrep.c bit_convert_TU out-of-bounds
A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bit_convert_TU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes an out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. Patch name: be996bf2178a40e98720f18c2414815d244413db. Applying a patch is the recommended action to fix this issue.
CVSS 3.3
CVE-2023-36271 WRITEUP HIGH
LibreDWG 0.10-0.12.5 - Heap Buffer Overflow via bit_wcs2nlen Function
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
CVSS 8.8
CVE-2023-36274 WRITEUP HIGH
LibreDWG 0.11-0.12.5 - Heap Buffer Overflow via bit_write_TF Function
LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
CVSS 8.8
CVE-2019-20909 WRITEUP HIGH
GNU LibreDWG < 0.9.3 - NULL Pointer Dereference in dwg_encode_LWPOLYLINE
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.
CVSS 7.5
CVE-2019-20910 WRITEUP HIGH
GNU LibreDWG < 0.9.3 - Heap-Based Buffer Over-Read in decode_R13_R2000
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.
CVSS 8.1
CVE-2019-20911 WRITEUP MEDIUM
GNU LibreDWG < 0.9.3 - Denial of Service via Infinite Loop in bit_calc_CRC
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.
CVSS 6.5
CVE-2019-20912 WRITEUP HIGH
GNU LibreDWG < 0.9.3 - Stack Overflow in bits.c
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
CVSS 8.8
CVE-2019-20913 WRITEUP HIGH
GNU LibreDWG < 0.9.3 - Heap-Based Buffer Over-Read in dwg_encode_entity
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.
CVSS 8.1
CVE-2019-20914 WRITEUP CRITICAL
GNU LibreDWG < 0.9.3 - NULL Pointer Dereference in dwg_encode_common_entity_handle_data
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.
CVSS 9.8
CVE-2019-20915 WRITEUP HIGH
GNU LibreDWG < 0.9.3 - Buffer Overflow
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.
CVSS 8.1
CVE-2021-36080 WRITEUP HIGH
GNU LibreDWG < 0.12.3.4191 - Use After Free
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
CVSS 8.8
CVE-2022-48623 WRITEUP CRITICAL
Cpanel::JSON::XS < 4.33 - Out-of-bounds Read
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.
CVSS 9.1
CVE-2023-26157 WRITEUP MEDIUM
libredwg < 0.12.5.6384 - Denial of Service via Out-of-Bounds Read in decode_r2007.c
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
CVSS 5.5
CVE-2023-36272 WRITEUP HIGH
LibreDWG 0.10-0.12.5 - Heap Buffer Overflow via bit_utf8_to_TU Function
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
CVSS 8.8