7634 matches found
UBUNTU-CVE-2023-35960
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy...
Command injection
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
UBUNTU-CVE-2023-35963
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
UBUNTU-CVE-2023-35964
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
CVE-2023-35964
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
CVE-2023-35964
GTKWave 3.3.115 contains decompression flaws in vcd2lxt that can lead to arbitrary code execution when a user opens a crafted wave file. CVE-2023-35964, rated HIGH (CVSS 7.8), requires local access and user interaction. The issue affects GTKWave, with Debian advisories noting fixes in 3.3.118+ (D...
CVE-2023-35961
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
CVE-2023-35960
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy...
CVE-2023-35962
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
CVE-2023-35963
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
CVE-2023-35959
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns .ghw...
CVE-2023-35963
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
CVE-2023-35962
GTKWAVE 3.3.x contains multiple OS command injection vulnerabilities in the decompression path of the vcd2vzt utility. GTKWave versions up to 3.3.115 are affected; exploitation would occur when a victim opens a crafted VCD/wave file, potentially allowing arbitrary code execution due to decompress...
CVE-2023-35959
CVE-2023-35959 affects GTKWave (waveform viewer); multiple OS command injection vulnerabilities exist in the .ghw decompression path. An attacker could achieve arbitrary command execution by the user opening a specially crafted .ghw file; local attacker would need to run GTKWave with the affected...
CVE-2023-35962
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...
CVE-2023-35960
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy...
CVE-2023-35959
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns .ghw...
CVE-2023-35963
CVE-2023-35963 affects GTKWave (notably the waveform viewer) with multiple OS command injection flaws in the decompression code of the vcd2lxt2 utility when processing crafted wave files. Affected: GTKWave 3.3.115 (Debian/Ubuntu/Debian-LTS advisories cite upgrades to 3.3.118 or similar for bullse...
PT-2024-12536 · Gtkwave · Gtkwave
Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue concerns decompression in the vcd2lxt utility of GTKWave, where multiple OS command injection vulnerabilities exist. These vulnerabilities can be triggered by a specially crafted wave file,...
RDoc: Command Injection
Background RDoc produces HTML and command-line documentation for Ruby projects. Description A vulnerability has been discovered in RDoc. Please review the CVE identifier referenced below for details. Impact RDoc used to call Kernelopen to open a local file. If a Ruby project has a file whose name...