8 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-38649
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can...
Out-of-bounds Write
gtkwave is vulnerable to Out-of-bounds Write. The vulnerabilities stem from flaws in the VZT vztrdgetfacname decompression functionality in .vzt file, allowing arbitrary code execution via a specially crafted file...
CVE-2023-38648
GTKWave 3.3.115 contains multiple out-of-bounds write vulnerabilities in the vzt_rd_get_facname decompression path. A crafted .vzt file can lead to arbitrary code execution when opened by a user. Affected component: GTKWave, version 3.3.115 (Windows/Linux packaging observed in Debian/Ubuntu advis...
CVE-2023-38649
GTKWave: Multiple out-of-bounds write vulnerabilities in vz t_rd_get_facname decompression in GTKWave 3.3.115 can lead to arbitrary code execution when opening a crafted .vzt file. Debian security advisories show fixes upgrading to 3.3.118 (bullseye) or 3.3.118-0.1~deb12u1 (bookworm); i.e., upgra...
CVE-2023-38649
Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concer...
CVE-2023-38649
Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concer...
GTKWave 安全漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An out-of-bounds write vulnerability exists in GTKWave version 3.3.115. The vulnerability stems from an out-of-bounds write to the VZT vztrdgetfacname decompression function, which can be exploited by an attacker to cause...
GTKWave VZT vzt_rd_get_facname decompression out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2023-1813 GTKWave VZT vztrdgetfacname decompression out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-38649,CVE-2023-38648 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of...