2586 matches found
CVE-2023-35994
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-35995
GTKWave 3.3.115 is affected by multiple vulnerabilities (CVE-2023-35995 among others) in the fstReaderIterBlocks2 tdelta indexing, which could allow arbitrary code execution when a user opens a crafted .fst file. The issues stem from improper array index validation and are triggered by reading ma...
CVE-2023-35997
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-35997
GTKWave (gtkwave) is affected by CVE-2023-35997 in the fstReaderIterBlocks2 tdelta path, with arbitrary code execution when a user opens a crafted .fst file. The vulnerability occurs during tdelta indexing when signal_lens is 2 or more. Debian/DSA-5653 (and related advisories) indicate fixed vers...
CVE-2023-35995
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-35996
CVE-2023-35996 affects GTKWave, specifically the fstReaderIterBlocks2 tdelta indexing when signal_lens is 0 in the GTKWave 3.3.115 release. Multiple improper array index validations can allow arbitrary code execution if a user opens a crafted .fst file. Impact is local with high severity (CVSS 3....
CVE-2023-35994
GTKWave 3.3.115 is affected by multiple vulnerabilities in the fstReaderIterBlocks2 tdelta initialization that могут allow arbitrary code execution when opening a crafted .fst file. Root cause: improper array index validation in tdelta init. Impact: potential code execution with local access and ...
CVE-2023-35994
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-35997
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-35994
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-35995
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-35996
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-34087
CVE-2023-34087 affects GTKWave, where an improper array index validation in the EVCD var len parsing of GTKWave 3.3.115 can allow arbitrary code execution when opening a crafted .evcd file. Public sources identify the issue and several advisories list GTKWave upgrades (e.g., Debian fixes upgradin...
CVE-2023-34087
An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...
GTKWave 安全漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A code issue vulnerability exists in GTKWave version 3.3.115 that stems from incorrect array index validation. An attacker could exploit this vulnerability to cause arbitrary code execution via a specially crafted .evcd file...
GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities
Talos Vulnerability Report TALOS-2023-1791 GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities January 8, 2024 CVE Number CVE-2023-35994,CVE-2023-35996,CVE-2023-35997,CVE-2023-35995 SUMMARY Multiple improper array index validation vulnerabilities exist in the...
GTKWave EVCD var len parsing improper array index validation vulnerability
Talos Vulnerability Report TALOS-2023-1803 GTKWave EVCD var len parsing improper array index validation vulnerability January 8, 2024 CVE Number CVE-2023-34087 SUMMARY An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially...
PT-2024-2951 · Gtkwave · Gtkwave
Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to an improper array index validation vulnerability in the EVCD var len parsing functionality. This can lead to arbitrary code execution when a victim opens a specially crafted .evcd...
SUSE SLES12 Security Update : ppp (SUSE-SU-2023:4961-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4961-1 advisory. - A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the...
SUSE-SU-2023:4965-1 Security update for ppp
This update for ppp fixes the following issues: - CVE-2022-4603: Fixed improper validation of array index of the component pppdump bsc1218251...