Every CVE whose affected-product data names Xfig, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2009-4227 — CVSS 6.8 (medium): Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject…
CVE-2010-4262 — CVSS 6.8 (medium): Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute…
CVE-2009-1962 — CVSS 4.4 (medium): Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2)…
CVE-2009-4228 — CVSS 4.3 (medium): Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application…