Skip to main content

Gnuplot

14 CVEs product

Monthly

CVE-2025-31177 MEDIUM PATCH This Month

gnuplot is affected by a heap buffer overflow at function utf8_copy_one. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Gnuplot
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-31181 MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-31180 MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-31179 MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-31178 MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-31176 MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2021-44917 MEDIUM POC This Month

A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Gnuplot
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-29369 npm CRITICAL PATCH Act Now

The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Node.js Command Injection Gnuplot
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-25412 CRITICAL POC Act Now

com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Gnuplot
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-25559 HIGH POC This Week

gnuplot 5.5 is affected by double free when executing print_set_output. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Gnuplot
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2018-19492 HIGH POC PATCH This Week

An issue was discovered in cairo.trm in Gnuplot 5.2.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Gnuplot Debian Linux Leap
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-19491 HIGH POC PATCH This Week

An issue was discovered in post.trm in Gnuplot 5.2.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Gnuplot Debian Linux Leap
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-19490 HIGH POC PATCH This Week

An issue was discovered in datafile.c in Gnuplot 5.2.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Gnuplot Debian Linux Leap
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2017-9670 HIGH PATCH This Week

An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Denial Of Service Gnuplot
NVD
CVSS 3.0
7.8
EPSS
0.2%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

gnuplot is affected by a heap buffer overflow at function utf8_copy_one. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Gnuplot
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A flaw was found in gnuplot. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gnuplot
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Gnuplot
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Node.js Command Injection +1
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption +1
NVD
EPSS 2% CVSS 7.8
HIGH POC This Week

gnuplot 5.5 is affected by double free when executing print_set_output. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Gnuplot
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

An issue was discovered in cairo.trm in Gnuplot 5.2.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Gnuplot Debian Linux +1
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

An issue was discovered in post.trm in Gnuplot 5.2.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Gnuplot Debian Linux +1
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

An issue was discovered in datafile.c in Gnuplot 5.2.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Gnuplot +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Denial Of Service +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy