Linux Distros Unpatched Vulnerability : CVE-2023-37578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple use-after-free vulnerabilities exist in the VCD getvartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitra...

[SECURITY] Fedora 39 Update: gtkwave-3.3.118-1.fc39

GTKWave is a waveform viewer that can view VCD files produced by most Verilog simulation tools, as well as LXT files produced by certain Verilog simulation tools...

[SECURITY] Fedora 38 Update: gtkwave-3.3.118-1.fc38

GTKWave is a waveform viewer that can view VCD files produced by most Verilog simulation tools, as well as LXT files produced by certain Verilog simulation tools...

Fedora: Security Advisory for gtkwave (FEDORA-2024-c990070fa4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2023-39316

Multiple integer overflow vulnerabilities exist in the LXT2 numdictentries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer...

DEBIAN-CVE-2023-39444

Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds...

DEBIAN-CVE-2023-39272

Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...

DEBIAN-CVE-2023-38583

A stack-based buffer overflow vulnerability exists in the LXT2 lxt2rdexpandintegertobits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

UBUNTU-CVE-2023-39270

Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...

UBUNTU-CVE-2023-39271

Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...

PT-2024-12645 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple use-after-free vulnerabilities in the VCD get vartoken realloc functionality. A specially crafted .vcd file can lead to arbitrary code execution when opened by a victim. Th...

PT-2024-12788 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple integer overflow vulnerabilities in the LXT2 facgeometry parsing functionality. A specially crafted .lxt2 file can lead to arbitrary code execution when opened by a victim...

PT-2024-12789 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple integer overflow vulnerabilities in the LXT2 facgeometry parsing functionality. A specially crafted .lxt2 file can lead to arbitrary code execution when opened by a victim...

GTKWave 安全漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A buffer overflow vulnerability exists in GTKWave version 3.3.115, which stems from a boundary error in the LXT2 lxt2rdexpandintegertobits function when handling untrusted input, and can be exploited by an attacker to cause...