145 matches found
EUVD-2026-17058
A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/updatefst.php. Executing a manipulation of the argument sname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-5106
A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/updatefst.php. Executing a manipulation of the argument sname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
EUVD-2023-39976
Malicious code in bioql PyPI...
EUVD-2023-39981
Malicious code in bioql PyPI...
EUVD-2023-40690
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-35969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chaintable parsing functionality of GTKWave 3.3.115. A specially crafted...
Linux Distros Unpatched Vulnerability : CVE-2023-36915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chaintable allocation functionality of GTKWave 3.3.115. A specially crafted .fst...
Linux Distros Unpatched Vulnerability : CVE-2023-35955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst...
Linux Distros Unpatched Vulnerability : CVE-2023-35958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst...
Integer Overflow
gtkwave is vulnerable to integer overflow. The vulnerability due to a specially crafted .fst file within its FST fstReaderIterBlocks2 chaintable allocation functionality. It allows a victim must open the malicious file, with the vulnerability revolving around the allocation of the chaintable arra...
Integer Overflow
gtkwave is vulnerable to Integer Overflow. The vulnerability due to a specially crafted .fst file within the FST fstReaderIterBlocks2 chaintable allocation functionality. It allows victims would need to open the malicious file to trigger these vulnerabilities, resulting in arbitrary code executio...
Integer Overflow
GTKWave 3.3.115 is vulnerable to an Integer Overflow. The vulnerability is caused due to a defect in the FSTBLGEOM parsing maxhandle functionality when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption when the user opens a malicious file to trigger this...
Buffer Overflow
gtkwave is vulnerable to Buffer Overflow. The vulnerability is due to insufficient input validation in the fastlzdecompress decompression function, allowing arbitrary code execution via a specially-crafted .fst file...
Heap Based Buffer Overflow
gtkwave is vulnerable to Heap Based Buffer Overflow. The vulnerability is due to insufficient bounds checking in the fstReaderIterBlocks2 chaintable parsing functionality using chaintable of FSTBLVCDATA and FSTBLVCDATADYNALIAS , allowing attackers to execute arbitrary code by crafting a specially...
Improper Array Index Validation
gtkwave is vulnerable to Improper Array Index Validation. The vulnerability is due to inadequate validation of array indices in the fstReaderIterBlocks2 tdelta functionality when signallens is 2 or more, allowing attackers to execute arbitrary code by crafting a specially crafted .fst file...
Arbitrary Code Execution
gtkwave is vulnerable to Arbitrary Code Execution. The vulnerability arises from inadequate validation of array indices within the tdelta initialization process.A specially crafted .fst file can exploit these vulnerabilities, leading to arbitrary code execution...
Integer Overflow
gtkwave is vulnerable to Integer Overflow. The vulnerability is due to inadequate input validation, allowing a specially crafted .fst file to cause memory corruption when opened by a victim...
GTKWave OS Command Injection Vulnerability (CNVD-2024-39668)
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave version 3.3.118 suffers from an operating system command injection vulnerability that can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...
GTKWave OS Command Injection Vulnerability (CNVD-2024-39664)
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave version 3.3.115 suffers from an operating system command injection vulnerability that can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...
GTKWave memory misreference vulnerability (CNVD-2024-39044)
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave suffers from a memory misreference vulnerability that can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...