Vulnerabilities > Gnuplot Project

DATE CVE VULNERABILITY TITLE RISK
2023-07-05 CVE-2020-25969 Classic Buffer Overflow vulnerability in Gnuplot Project Gnuplot 5.5.0
gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest().
network
low complexity
gnuplot-project CWE-120
critical
9.8
2021-05-03 CVE-2021-29369 OS Command Injection vulnerability in Gnuplot Project Gnuplot 0.0.1/0.0.2
The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.
network
low complexity
gnuplot-project CWE-78
critical
9.8
2020-09-16 CVE-2020-25412 Out-of-bounds Write vulnerability in Gnuplot Project Gnuplot 5.4.0
com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.
network
low complexity
gnuplot-project CWE-787
critical
9.8
2020-09-16 CVE-2020-25559 Double Free vulnerability in Gnuplot Project Gnuplot 5.5.0
gnuplot 5.5 is affected by double free when executing print_set_output.
local
low complexity
gnuplot-project CWE-415
7.8
2017-06-15 CVE-2017-9670 Access of Uninitialized Pointer vulnerability in Gnuplot Project Gnuplot 5.2
An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.
local
low complexity
gnuplot-project CWE-824
7.8