Reini Urban

13 exploits Active since Jul 2020
CVE-2019-20909 WRITEUP HIGH WRITEUP
GNU Libredwg < 0.9.3 - NULL Pointer Dereference
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec.
CVSS 7.5
CVE-2019-20910 WRITEUP HIGH WRITEUP
GNU Libredwg < 0.9.3 - Out-of-Bounds Read
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011.
CVSS 8.1
CVE-2019-20911 WRITEUP MEDIUM WRITEUP
GNU Libredwg < 0.9.3 - Infinite Loop
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.
CVSS 6.5
CVE-2019-20912 WRITEUP HIGH WRITEUP
GNU Libredwg < 0.9.3 - Out-of-Bounds Write
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
CVSS 8.8
CVE-2019-20913 WRITEUP HIGH WRITEUP
GNU Libredwg < 0.9.3 - Out-of-Bounds Read
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec.
CVSS 8.1
CVE-2019-20914 WRITEUP CRITICAL WRITEUP
GNU Libredwg < 0.9.3 - NULL Pointer Dereference
An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec.
CVSS 9.8
CVE-2019-20915 WRITEUP HIGH WRITEUP
GNU LibreDWG <0.9.3 - Buffer Overflow
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c.
CVSS 8.1
CVE-2021-36080 WRITEUP HIGH WRITEUP
GNU LibreDWG <0.12.3.4191 - Use After Free
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
CVSS 8.8
CVE-2022-48623 WRITEUP CRITICAL WRITEUP
Rurban Cpanel < 4.33 - Out-of-Bounds Read
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.
CVSS 9.1
CVE-2023-26157 WRITEUP MEDIUM WRITEUP
libredwg <0.12.5.6384 - DoS
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
CVSS 5.5
CVE-2023-36271 WRITEUP HIGH WRITEUP
LibreDWG <0.12.5 - Buffer Overflow
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
CVSS 8.8
CVE-2023-36272 WRITEUP HIGH WRITEUP
LibreDWG <0.13 - Buffer Overflow
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
CVSS 8.8
CVE-2023-36274 WRITEUP HIGH WRITEUP
LibreDWG <0.12.5 - Buffer Overflow
LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
CVSS 8.8