Total
82 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-39444 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. | |||||
CVE-2023-39443 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop. | |||||
CVE-2023-39414 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.3 HIGH |
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation. | |||||
CVE-2023-39413 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation. | |||||
CVE-2023-39317 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_lens` array. | |||||
CVE-2023-39316 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_pointers` array. | |||||
CVE-2023-39275 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `value` array. | |||||
CVE-2023-39274 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array. | |||||
CVE-2023-39273 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array. | |||||
CVE-2023-39272 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array. | |||||
CVE-2023-39271 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array. | |||||
CVE-2023-39270 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array. | |||||
CVE-2023-39235 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->num_time_ticks`. | |||||
CVE-2023-39234 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->numrealfacs`. | |||||
CVE-2023-38657 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | |||||
CVE-2023-38653 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. | |||||
CVE-2023-38652 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero. | |||||
CVE-2023-38651 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. | |||||
CVE-2023-38650 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero. | |||||
CVE-2023-38649 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. |