GTKWave VCD get_vartoken realloc use-after-free vulnerabilities

Talos Vulnerability Report TALOS-2023-1806 GTKWave VCD getvartoken realloc use-after-free vulnerabilities January 8, 2024 CVE Number CVE-2023-37576,CVE-2023-37577,CVE-2023-37573,CVE-2023-37578,CVE-2023-37575,CVE-2023-37574 SUMMARY Multiple use-after-free vulnerabilities exist in the VCD getvartok...

PT-2024-12644 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple use-after-free vulnerabilities in the VCD get vartoken realloc functionality. These vulnerabilities can be triggered by a specially crafted .vcd file, potentially leading t...

PT-2024-12641 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple use-after-free vulnerabilities in the VCD get vartoken realloc functionality. A specially crafted .vcd file can lead to arbitrary code execution when opened by a victim,...

PT-2024-12643 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple use-after-free vulnerabilities in the VCD get vartoken realloc functionality. These vulnerabilities can be triggered by a specially crafted .vcd file, potentially leading t...

CVE-2024-22088

Lotos WebServer through 0.1.1 commit 3eb36cc has a use-after-free in bufferavail at buffer.h via a long URI, because realloc is mishandled...

CVE-2024-22088

Lotos WebServer through 0.1.1 commit 3eb36cc has a use-after-free in bufferavail at buffer.h via a long URI, because realloc is mishandled...

Lotos WebServer Security Vulnerability

Lotos WebServer is a small but high-performance HTTP WebServer that follows the Reactor model and uses non-blocking IO and IO multiplexing epoll ET to handle concurrency. A security vulnerability exists in Lotos WebServer version 0.1.1 and earlier, which stems from improper realloc handling, the...

CVE-2024-22088

Lotos WebServer through 0.1.1 commit 3eb36cc has a use-after-free in bufferavail at buffer.h via a long URI, because realloc is mishandled...

CVE-2023-45664

stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...

CVE-2023-35966

Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...

CVE-2023-35966

Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...

Heap overflow

Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...

CVE-2023-35968

Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...

CVE-2023-35968

Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...

SUSE CVE-2023-44821

Gifsicle through 1.94, if deployed in a way that allows untrusted input to affect GifRealloc calls, might allow a denial of service memory consumption. NOTE: this has been disputed by multiple parties because the Gifsicle code is not commonly used for unattended operation in which new input arriv...

DEBIAN-CVE-2023-44821

Gifsicle through 1.94, if deployed in a way that allows untrusted input to affect GifRealloc calls, might allow a denial of service memory consumption. NOTE: this has been disputed by multiple parties because the Gifsicle code is not commonly used for unattended operation in which new input arriv...

PT-2023-29303 · Gifsicle +2 · Gifsicle +2

Name of the Vulnerable Software and Affected Versions: Gifsicle versions 1.92 through 1.94 Description: The issue might allow a denial of service due to memory consumption if Gifsicle is deployed in a way that allows untrusted input to affect Gif Realloc calls. However, this has been disputed by...

CVE-2023-36326

Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bngrow function...

CVE-2023-36326

Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bngrow function...

CVE-2023-36326

Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bngrow function...