
3233 matches found

Cvelist · added 2024/01/08 2:47 p.m. · 23 views

CVE-2023-38657

An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

7.8 CVSS · 7.9 AI score · 0.00432 EPSS
Exploits 1 · References 2

Debian CVE · added 2024/01/08 2:47 p.m. · 17 views

CVE-2023-38657

An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

7.8 CVSS · 8 AI score · 0.00432 EPSS
Exploits 1

CNNVD · added 2024/01/08 12:0 a.m. · 5 views

GTKWave Security Vulnerability

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An out-of-bounds write vulnerability exists in GTKWave version 3.3.115. The vulnerability stems from an out-of-bounds write to the VZT vzt_rd_get_facname decompression function, which can be exploited by an attacker to cause...

7.8 CVSS · 7.9 AI score · 0.00432 EPSS
Exploits 1 · References 2

Positive Technologies · added 2024/01/08 12:0 a.m. · 4 views

PT-2024-12533 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a...

7.8 CVSS · 8.5 AI score · 0.01481 EPSS
Exploits 82 · References 133

Positive Technologies · added 2024/01/08 12:0 a.m. · 4 views

PT-2024-12755 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: A specially crafted .lxt2 file can lead to arbitrary code execution due to an out-of-bounds write vulnerability in the LXT2 zlib block decompression functionality. A victim would need to open a malicious...

7.8 CVSS · 8.2 AI score · 0.01481 EPSS
Exploits 82 · References 132

Positive Technologies · added 2024/01/08 12:0 a.m. · 3 views

PT-2024-12749 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open...

7.8 CVSS · 8.4 AI score · 0.01481 EPSS
Exploits 82 · References 132

Positive Technologies · added 2024/01/08 12:0 a.m. · 2 views

PT-2024-12748 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open...

7.8 CVSS · 8.4 AI score · 0.01481 EPSS
Exploits 82 · References 132

Positive Technologies · added 2024/01/08 12:0 a.m. · 2 views

PT-2024-12531 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a...

7.8 CVSS · 8.4 AI score · 0.01481 EPSS
Exploits 82 · References 133

Positive Technologies · added 2024/01/08 12:0 a.m. · 1 views

PT-2024-12535 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple OS command injection vulnerabilities in the decompression functionality. A specially crafted wave file can lead to arbitrary command execution when opened by a victim. The...

7.8 CVSS · 8.3 AI score · 0.01481 EPSS
Exploits 82 · References 131

Positive Technologies · added 2024/01/08 12:0 a.m. · 3 views

PT-2024-12532 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a...

7.8 CVSS · 8.4 AI score · 0.01481 EPSS
Exploits 82 · References 133

Talos · added 2024/01/08 12:0 a.m. · 37 views

GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1823 GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-38657 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially craft...

7.8 CVSS · 8.1 AI score · 0.00432 EPSS
Exploits 1

CNNVD · added 2023/12/25 12:0 a.m. · 3 views

Blosc C-Blosc2 Security Vulnerability

Blosc C-Blosc2 is a code library from the Blosc team that enables deep compression of binary data. The goal of the software is to reduce the size of large datasets on disk or in memory, speeding up memory-bound computations. The software supports BloscLZ, a compression program based on FastLZ, LZ...

7.5 CVSS · 7 AI score · 0.00834 EPSS
Exploits 1 · References 2

CNNVD · added 2023/12/25 12:0 a.m. · 2 views

Blosc C-Blosc2 Security Vulnerability

Blosc C-Blosc2 is a code library from the Blosc team that enables deep compression of binary data. The goal of the software is to reduce the size of large datasets on disk or in memory, speeding up memory-bound computations. The software supports BloscLZ, a compression program based on FastLZ, LZ...

7.5 CVSS · 7 AI score · 0.00834 EPSS
Exploits 1 · References 2

NVD · added 2023/12/22 4:15 p.m. · 18 views

CVE-2023-48704

ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on...

7.5 CVSS · 0.00495 EPSS
Exploits 0 · References 2

Prion · added 2023/12/22 4:15 p.m. · 15 views

Heap overflow

ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on...

5 CVSS · 7.5 AI score · 0.00495 EPSS
Exploits 0 · References 2 · Affected Software 2

UbuntuCve · added 2023/12/22 4:15 p.m. · 18 views

CVE-2023-48704

ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on...

7.5 CVSS · 6.9 AI score · 0.00495 EPSS
Exploits 0 · References 3

CVE · added 2023/12/22 3:18 p.m. · 48 views

CVE-2023-48704

The CVE-2023-48704 issue affects ClickHouse server and is caused by a heap buffer overflow in the Gorilla codec decompression logic. An unauthenticated attacker can send a crafted payload to the native interface (default port 9000/tcp) to crash the ClickHouse server. Public details in connected s...

7.5 CVSS · 7.3 AI score · 0.00495 EPSS
Exploits 0 · References 2 · Affected Software 2

Cvelist · added 2023/12/22 3:18 p.m. · 24 views

CVE-2023-48704 Unauthenticated heap buffer overflow in Gorilla codec decompression

ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on...

7 CVSS · 7.9 AI score · 0.00495 EPSS
Exploits 0 · References 2

Debian CVE · added 2023/12/22 3:18 p.m. · 18 views

CVE-2023-48704

ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on...

7.5 CVSS · 7.6 AI score · 0.00495 EPSS
Exploits 0

NVD · added 2023/12/21 11:15 p.m. · 15 views

CVE-2023-48298

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...

7.5 CVSS · 0.00634 EPSS
Exploits 0 · References 2