Search
Total
58 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36915 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table` array. | |||||
| CVE-2023-36916 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table_lengths` array. | |||||
| CVE-2023-39234 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->numrealfacs`. | |||||
| CVE-2023-38622 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array. | |||||
| CVE-2023-38653 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. | |||||
| CVE-2023-38621 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array. | |||||
| CVE-2023-38620 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array. | |||||
| CVE-2023-39235 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->num_time_ticks`. | |||||
| CVE-2023-39275 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `value` array. | |||||
| CVE-2023-39270 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array. | |||||
| CVE-2023-39271 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array. | |||||
| CVE-2023-39272 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array. | |||||
| CVE-2023-39273 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array. | |||||
| CVE-2023-39274 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array. | |||||
| CVE-2023-39414 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.3 HIGH |
| Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation. | |||||
| CVE-2023-39316 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_pointers` array. | |||||
| CVE-2023-39413 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation. | |||||
| CVE-2023-39317 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_lens` array. | |||||
| CVE-2023-39443 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop. | |||||
| CVE-2023-39444 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. | |||||
| CVE-2023-37576 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2vzt conversion utility. | |||||
| CVE-2023-37921 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2vzt conversion utility. | |||||
| CVE-2023-37578 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt conversion utility. | |||||
| CVE-2023-37577 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt2 conversion utility. | |||||
| CVE-2023-37575 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's interactive VCD parsing code. | |||||
| CVE-2023-37574 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's legacy VCD parsing code. | |||||
| CVE-2023-37573 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's recoder (default) VCD parsing code. | |||||
| CVE-2023-37922 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt2 conversion utility. | |||||
| CVE-2023-38618 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array. | |||||
| CVE-2023-37923 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt conversion utility. | |||||
| CVE-2023-37417 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's interactive VCD parsing code. | |||||
| CVE-2023-38619 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array. | |||||
| CVE-2023-37418 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility. | |||||
| CVE-2023-37444 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's interactive VCD parsing code. | |||||
| CVE-2023-37443 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's legacy VCD parsing code. | |||||
| CVE-2023-37419 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility. | |||||
| CVE-2023-37420 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility. | |||||
| CVE-2023-37442 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's default VCD parsing code. | |||||
| CVE-2023-37447 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility. | |||||
| CVE-2023-37446 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility. | |||||
| CVE-2023-37445 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility. | |||||
| CVE-2023-35955 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `LZ4_decompress_safe_partial`. | |||||
| CVE-2023-35956 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `fastlz_decompress`. | |||||
| CVE-2023-35957 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `uncompress`. | |||||
| CVE-2023-35958 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the copy function `fstFread`. | |||||
| CVE-2023-35960 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in `vcd_main`. | |||||
| CVE-2023-35961 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`. | |||||
| CVE-2023-35959 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression. | |||||
| CVE-2023-35962 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt` utility. | |||||
| CVE-2023-35963 | 1 Tonybybell | 1 Gtkwave | 2024-01-11 | N/A | 7.8 HIGH |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility. | |||||