CVE-2023-37921
CVE-2023-37921 affects GTKWave’s VCD handling (VCD sorted bsearch) with arbitrary write via malicious .vcd files, potentially enabling code execution. Public details in Debian/DSA-5653 and DLA-3785 show GTKWave up to version 3.3.118 (and older 3.3.104+ in bullseye) as vulnerable; fixes are applie...
CVE-2023-37922
GTKWave 3.3.115 contains multiple arbitrary write vulnerabilities in the VCD sorted bsearch path, which can lead to arbitrary code execution when a victim opens a crafted .vcd file (triggered via vcd2lxt2). Connected advisories confirm the issue and provide fixed versions: upgrading to upstream G...
CVE-2023-37923
CVE-2023-37923 affects GTKWave (notably the VCD sorting/bsearch logic). Multiple arbitrary-write vulnerabilities exist in the VCD handling, with one variant triggered via the vcd2lxt conversion utility, potentially enabling arbitrary code execution when a crafted .vcd file is opened. Affected ver...
CVE-2023-37922
Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns the arbitrary...
CVE-2023-37921
Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns the arbitrary...
CVE-2023-37923
Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns the arbitrary...
GTKWave Code Issue Vulnerability
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An arbitrary write vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to cause arbitrary code execution via specially crafted .vcd files...
Important: postgresql15
Issue Overview: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirm...
PT-2024-12663 · Gtkwave · Gtkwave
Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115. Description: The issue is related to multiple arbitrary write vulnerabilities in the VCD sorted bsearch functionality. A specially crafted .vcd file can lead to arbitrary code execution when opened by a victim. This ca...
PT-2024-12664 · Gtkwave · Gtkwave
Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115. Description: The issue is related to multiple arbitrary write vulnerabilities in the VCD sorted bsearch functionality. A specially crafted .vcd file can lead to arbitrary code execution when opened by a victim. This ca...
GTKWave VCD sorted bsearch arbitrary write vulnerabilities
Talos Vulnerability Report TALOS-2023-1807: GTKWave VCD sorted bsearch arbitrary write vulnerabilities. January 8, 2024. CVE Number: CVE-2023-37921, CVE-2023-37923, CVE-2023-37922. Summary: Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A...
Advisory ROSA-SA-2023-2307
Software: jasper 2.0.14-5; OS: ROSA Virtualization 2.1; packageevrstring: jasper-2.0.14-5.rv3.src.rpm; CVE-ID: CVE-2020-27828; BDU-ID: None; CVE-Crit: HIGH; CVE-DESC.: Special input provided by an attacker in jasper could cause an arbitrary write outside of the allowed range. This could potentially...
GHSA-CRHP-7C74-CG4C Improper Input Validation in mindsdb
Impact: The put method in mindsdb/mindsdb/api/http/namespaces/file.py does not validate the user-controlled name value, which is used in a temporary file name, which is afterwards opened for writing on lines 122-125, which leads to path injection. This issue may lead to arbitrary file write. This...
Important: kernel
Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO...
NewStart CGSL MAIN 6.06 : dnsmasq Vulnerability (NS-SA-2023-0141)
The remote NewStart CGSL host, running version MAIN 6.06, has dnsmasq packages installed that are affected by a vulnerability: - A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially...
SUSE-SU-2023:4345-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nftables component can be exploited to achieve local privilege escalation (bsc#1215095). -...
SUSE SLES15 Security Update : kernel (Live Patch 23 for SLE 15 SP3) (SUSE-SU-2023:3607-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3607-1 advisory. - In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not b...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability exists in the Blink of the library, which allows an attacker to perform an arbitrary read or write via a maliciously crafted HTML page...