Gnuplot

gnuplot

Vendor: Gnuplot • 15 CVEs

CVEs (15)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-31177 1Gnuplot 1Gnuplot Jan 8, 2026 May 7, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 gnuplot is affected by a heap buffer overflow at function utf8_copy_one.
CVE-2025-31181 1Gnuplot 1Gnuplot Jul 30, 2025 Mar 27, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash.
CVE-2025-31180 1Gnuplot 1Gnuplot Jul 30, 2025 Mar 27, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash.
CVE-2025-31179 1Gnuplot 1Gnuplot Jul 30, 2025 Mar 27, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash.
CVE-2025-31178 1Gnuplot 1Gnuplot Jul 30, 2025 Mar 27, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash.
CVE-2025-31176 1Gnuplot 1Gnuplot Jul 30, 2025 Mar 27, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash.
CVE-2020-25969 1Gnuplot 1Gnuplot Aug 14, 2025 Jul 5, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest().
CVE-2021-44917 1Gnuplot 1Gnuplot Nov 21, 2024 Dec 21, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash.
CVE-2020-25412 1Gnuplot 1Gnuplot Aug 4, 2025 Sep 16, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.
CVE-2020-25559 1Gnuplot 1Gnuplot Aug 14, 2025 Sep 16, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution.
CVE-2018-19492 3Debian GnuplotOpensuse 3Debian Linux GnuplotLeap Nov 21, 2024 Nov 23, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size c...Show more An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.Show less
CVE-2018-19491 3Debian GnuplotOpensuse 3Debian Linux GnuplotLeap Nov 21, 2024 Nov 23, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of...Show more An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend.Show less
CVE-2018-19490 3Debian GnuplotOpensuse 3Debian Linux GnuplotLeap Nov 21, 2024 Nov 23, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerabili...Show more An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function.Show less
CVE-2017-9670 1Gnuplot 1Gnuplot May 13, 2026 Jun 15, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other i...Show more An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.Show less
CVE-2002-2259 1Gnuplot 1Gnuplot Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.