Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-20 CVE-2021-39521 NULL Pointer Dereference vulnerability in GNU Libredwg
An issue was discovered in libredwg through v0.10.1.3751.
network
low complexity
gnu CWE-476
6.5
6.5
2021-09-20 CVE-2021-39523 NULL Pointer Dereference vulnerability in GNU Libredwg
An issue was discovered in libredwg through v0.10.1.3751.
network
low complexity
gnu CWE-476
6.5
6.5
2021-09-03 CVE-2021-40491 Insufficient Verification of Data Authenticity vulnerability in multiple products
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address.
network
low complexity
gnu debian CWE-345
6.5
6.5
2021-05-18 CVE-2020-23861 Out-of-bounds Write vulnerability in GNU Libredwg 0.10.1
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.
local
low complexity
gnu CWE-787
5.5
5.5
2021-05-18 CVE-2020-23856 Use After Free vulnerability in multiple products
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.
local
low complexity
gnu fedoraproject CWE-416
5.5
5.5
2021-05-17 CVE-2020-21834 NULL Pointer Dereference vulnerability in GNU Libredwg 0.10
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
network
low complexity
gnu CWE-476
6.5
6.5
2021-05-17 CVE-2020-21835 NULL Pointer Dereference vulnerability in GNU Libredwg 0.10
A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.
network
low complexity
gnu CWE-476
6.5
6.5
2021-05-17 CVE-2020-21839 Memory Leak vulnerability in GNU Libredwg 0.10
An issue was discovered in GNU LibreDWG 0.10.
network
low complexity
gnu CWE-401
6.5
6.5
2021-05-17 CVE-2020-21815 NULL Pointer Dereference vulnerability in GNU Libredwg 0.10.2641
A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash).
network
low complexity
gnu CWE-476
6.5
6.5
2021-05-17 CVE-2020-21817 NULL Pointer Dereference vulnerability in GNU Libredwg 0.10.2641
A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29.
network
low complexity
gnu CWE-476
6.5
6.5