CVE-2023-35970

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chaintable parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This...

CVE-2023-35969

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chaintable parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This...

CVE-2023-35997

GTKWave (gtkwave) is affected by CVE-2023-35997 in the fstReaderIterBlocks2 tdelta path, with arbitrary code execution when a user opens a crafted .fst file. The vulnerability occurs during tdelta indexing when signal_lens is 2 or more. Debian/DSA-5653 (and related advisories) indicate fixed vers...

CVE-2023-35994

Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...

CVE-2023-35996

Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...

CVE-2023-35995

Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...

CVE-2023-35997

Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...

CVE-2023-36747

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...

CVE-2023-36746

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...

CVE-2023-36864

GTKWave 3.3.115 is affected by an integer overflow in fstReaderIterBlocks2 temp_signal_value_buf allocation, allowing arbitrary code execution when a crafted .fst file is opened. Public advisories (Debian/ Fedora) indicate fixes in GTKWave 3.3.118 (or equivalent) across supported releases; upgrad...

CVE-2023-36915

Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chaintable allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This...

CVE-2023-36916

Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chaintable allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This...

CVE-2023-36916

Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chaintable allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This...

GTKWave 操作系统命令注入漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave version 3.3.115 suffers from an operating system command injection vulnerability that can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.118, which can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A code execution vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...

PT-2024-12542 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to improper array index validation vulnerabilities in the fstReaderIterBlocks2 tdelta functionality. A specially crafted .fst file can lead to arbitrary code execution. To trigger the...

GTKWave 缓冲区错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave version 3.3.115 suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...

GTKWave 缓冲区错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A buffer overflow vulnerability exists in GTKWave version 3.3.118, which can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...