Vulnerabilities > Xfig Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-20 CVE-2021-32280 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in fig2dev before 3.2.8..
local
low complexity
xfig-project debian CWE-476
5.5
2021-09-16 CVE-2020-21529 Out-of-bounds Write vulnerability in multiple products
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
local
low complexity
xfig-project debian CWE-787
5.5
2021-09-16 CVE-2020-21530 fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. 4.3
2021-09-16 CVE-2020-21531 Classic Buffer Overflow vulnerability in multiple products
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.
local
low complexity
xfig-project debian CWE-120
5.5
2021-09-16 CVE-2020-21532 Classic Buffer Overflow vulnerability in multiple products
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.
local
low complexity
xfig-project debian CWE-120
5.5
2021-09-16 CVE-2020-21533 Out-of-bounds Write vulnerability in multiple products
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
4.3
2021-09-16 CVE-2020-21534 Classic Buffer Overflow vulnerability in multiple products
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.
4.3
2021-09-16 CVE-2020-21535 Out-of-bounds Read vulnerability in multiple products
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
local
low complexity
xfig-project debian CWE-125
5.5
2019-12-15 CVE-2019-19797 Out-of-bounds Write vulnerability in multiple products
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
local
low complexity
xfig-project fedoraproject debian CWE-787
5.5
2019-12-04 CVE-2019-19555 Out-of-bounds Write vulnerability in Xfig Project Xfig 3.2.7
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
4.3