CVE-2021-45950

LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).

Source: CVE-2021-45950

CVE-2021-45949

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

Source: CVE-2021-45949

CVE-2021-45948

Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).

Source: CVE-2021-45948

CVE-2021-45947

Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments).

Source: CVE-2021-45947

CVE-2021-45945

uWebSockets 19.0.0 through 20.8.0 has an out-of-bounds write in std::__1::pair<unsigned int, void*> uWS::HttpParser::fenceAndConsumePostPadded<0 (called from uWS::HttpParser::consumePostPadded and std::__1::__function::__func<LLVMFuzzerTestOneInput::$_0, std::__1::allocator<LL).

Source: CVE-2021-45945

CVE-2021-45946

Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements).

Source: CVE-2021-45946

CVE-2021-45929

Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If).

Source: CVE-2021-45929

CVE-2021-45944

Ghostscript GhostPDL 9.50 through-9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).

Source: CVE-2021-45944

CVE-2021-45959

{fmt} 7.1.0 through 8.0.1 has a stack-based buffer overflow in fmt::v8::detail::dragonbox::umul192_upper64 (called from fmt::v8::detail::dragonbox::cache_accessor<double>::compute_mul and fmt::v8::detail::dragonbox::decimal_fp<double> fmt::v8::detail::dragonbox::to_de).

Source: CVE-2021-45959

CVE-2021-45951

Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard).

Source: CVE-2021-45951