Vulnerabilities > GNU > Libredwg > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-16 | CVE-2019-20912 | Out-of-bounds Write vulnerability in GNU Libredwg An issue was discovered in GNU LibreDWG through 0.9.3. | 6.8 |
| 2020-07-16 | CVE-2019-20911 | Infinite Loop vulnerability in GNU Libredwg An issue was discovered in GNU LibreDWG through 0.9.3. | 4.3 |
| 2020-07-16 | CVE-2019-20910 | Out-of-bounds Read vulnerability in GNU Libredwg An issue was discovered in GNU LibreDWG through 0.9.3. | 5.8 |
| 2020-07-16 | CVE-2019-20909 | NULL Pointer Dereference vulnerability in GNU Libredwg An issue was discovered in GNU LibreDWG through 0.9.3. | 5.0 |
| 2020-01-08 | CVE-2020-6615 | NULL Pointer Dereference vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | 4.3 |
| 2020-01-08 | CVE-2020-6614 | Out-of-bounds Read vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c. | 5.8 |
| 2020-01-08 | CVE-2020-6613 | Out-of-bounds Read vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. | 5.8 |
| 2020-01-08 | CVE-2020-6612 | Out-of-bounds Read vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. | 5.8 |
| 2020-01-08 | CVE-2020-6611 | NULL Pointer Dereference vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | 4.3 |
| 2020-01-08 | CVE-2020-6610 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | 4.3 |