Security Vulnerabilities - CVEs Published In July 2018
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store32 in helper.h.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-07-20
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-07-20
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-07-20
get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV).
CVSS Score
6.5
EPSS Score
0.004
Published
2018-07-20
libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-07-20