Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3220 matches found

CVE
CVEadded 2024/01/08 2:47 p.m.40 views

CVE-2023-35959

CVE-2023-35959 affects GTKWave (waveform viewer); multiple OS command injection vulnerabilities exist in the .ghw decompression path. An attacker could achieve arbitrary command execution by the user opening a specially crafted .ghw file; local attacker would need to run GTKWave with the affected...

7.8CVSS7.9AI score0.01481EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2024/01/08 2:47 p.m.40 views

CVE-2023-35960

GTKWave 3.3.115 contains multiple OS command injection vulnerabilities in its legacy decompression path (vcd_main). A specially crafted VCD/wave file can lead to arbitrary code execution when opened by a user, local access is required and UI interaction is needed. The issue is documented across m...

7.8CVSS7.9AI score0.01481EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2024/01/08 2:47 p.m.44 views

CVE-2023-35963

CVE-2023-35963 affects GTKWave (notably the waveform viewer) with multiple OS command injection flaws in the decompression code of the vcd2lxt2 utility when processing crafted wave files. Affected: GTKWave 3.3.115 (Debian/Ubuntu/Debian-LTS advisories cite upgrades to 3.3.118 or similar for bullse...

7.8CVSS7.9AI score0.01481EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2024/01/08 2:47 p.m.23 views

CVE-2023-35962

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression...

7.8CVSS8.2AI score0.01481EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2024/01/08 2:47 p.m.18 views

CVE-2023-35959

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns .ghw...

7.8CVSS8.2AI score0.01481EPSS
Exploits1
Debian CVE
Debian CVEadded 2024/01/08 2:47 p.m.26 views

CVE-2023-35960

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy...

7.8CVSS8.2AI score0.01481EPSS
Exploits1
Cvelist
Cvelistadded 2024/01/08 2:47 p.m.15 views

CVE-2023-38649

Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concer...

7.8CVSS8.1AI score0.00432EPSS
Exploits1References2
Cvelist
Cvelistadded 2024/01/08 2:47 p.m.23 views

CVE-2023-38657

An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

7.8CVSS7.9AI score0.00432EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2024/01/08 2:47 p.m.17 views

CVE-2023-38657

An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

7.8CVSS8AI score0.00432EPSS
Exploits1
Talos
Talosadded 2024/01/08 12:0 a.m.37 views

GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1823 GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-38657 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially craft...

7.8CVSS8.1AI score0.00432EPSS
Exploits1
CNNVD
CNNVDadded 2024/01/08 12:0 a.m.5 views

GTKWave 安全漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An out-of-bounds write vulnerability exists in GTKWave version 3.3.115. The vulnerability stems from an out-of-bounds write to the VZT vztrdgetfacname decompression function, which can be exploited by an attacker to cause...

7.8CVSS7.9AI score0.00432EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2024/01/08 12:0 a.m.2 views

PT-2024-12531 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a...

7.8CVSS8.4AI score0.01481EPSS
Exploits82References133
Positive Technologies
Positive Technologiesadded 2024/01/08 12:0 a.m.0 views

PT-2024-12535 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple OS command injection vulnerabilities in the decompression functionality. A specially crafted wave file can lead to arbitrary command execution when opened by a victim. The...

7.8CVSS8.3AI score0.01481EPSS
Exploits82References131
Positive Technologies
Positive Technologiesadded 2024/01/08 12:0 a.m.4 views

PT-2024-12533 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a...

7.8CVSS8.5AI score0.01481EPSS
Exploits82References133
Positive Technologies
Positive Technologiesadded 2024/01/08 12:0 a.m.2 views

PT-2024-12755 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: A specially crafted .lxt2 file can lead to arbitrary code execution due to an out-of-bounds write vulnerability in the LXT2 zlib block decompression functionality. A victim would need to open a malicious...

7.8CVSS8.2AI score0.01481EPSS
Exploits82References132
Positive Technologies
Positive Technologiesadded 2024/01/08 12:0 a.m.2 views

PT-2024-12748 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt rd get facname decompression functionality. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open...

7.8CVSS8.4AI score0.01481EPSS
Exploits82References132
Positive Technologies
Positive Technologiesadded 2024/01/08 12:0 a.m.3 views

PT-2024-12749 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt rd get facname decompression functionality. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open...

7.8CVSS8.4AI score0.01481EPSS
Exploits82References132
Positive Technologies
Positive Technologiesadded 2024/01/08 12:0 a.m.3 views

PT-2024-12532 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a...

7.8CVSS8.4AI score0.01481EPSS
Exploits82References133
CNNVD
CNNVDadded 2023/12/25 12:0 a.m.3 views

Blosc C-Blosc2 Security Vulnerability

Blosc C-Blosc2 is a code library from the Blosc team that enables deep compression of binary data. The goal of the software is to reduce the size of large datasets on disk or in memory, speeding up memory-bound computations. The software supports BloscLZ, a compression program based on FastLZ, LZ...

7.5CVSS7AI score0.00834EPSS
Exploits1References2
CNNVD
CNNVDadded 2023/12/25 12:0 a.m.2 views

Blosc C-Blosc2 Security Vulnerability

Blosc C-Blosc2 is a code library from the Blosc team that enables deep compression of binary data. The goal of the software is to reduce the size of large datasets on disk or in memory, speeding up memory-bound computations. The software supports BloscLZ, a compression program based on FastLZ, LZ...

7.5CVSS7AI score0.00834EPSS
Exploits1References2
Rows per page
Query Builder