69 matches found
CVE-2024-6794 Deserialization of Untrusted Data in NI VeriStand Waveform Streaming Server
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions...
CVE-2024-6794
NI VeriStand Waveform Streaming Server is affected by CVE-2024-6794 due to a deserialization of untrusted data flaw that can lead to remote code execution when processing crafted messages. Affected products include NI VeriStand and versions up to and including 2024 Q2 (and prior). The vulnerabili...
PT-2024-37868 · National Instruments · Ni Veristand
Name of the Vulnerable Software and Affected Versions: NI VeriStand versions prior to 2024 Q2 Description: A deserialization of untrusted data issue exists in the NI VeriStand Waveform Streaming Server, potentially leading to remote code execution. Successful exploitation requires an attacker to...
[SECURITY] Fedora 39 Update: gtkwave-3.3.118-1.fc39
GTKWave is a waveform viewer that can view VCD files produced by most Verilog simulation tools, as well as LXT files produced by certain Verilog simulation tools...
[SECURITY] Fedora 38 Update: gtkwave-3.3.118-1.fc38
GTKWave is a waveform viewer that can view VCD files produced by most Verilog simulation tools, as well as LXT files produced by certain Verilog simulation tools...
Fedora: Security Advisory (FEDORA-2024-2647382c5f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2023-38623
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the intege...
SUSE CVE-2023-38652
Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...
UBUNTU-CVE-2023-39273
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...
UBUNTU-CVE-2023-37282
An out-of-bounds write vulnerability exists in the VZT LZMARead dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...
GTKWave 输入验证错误漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave suffers from an integer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...
GTKWave 缓冲区错误漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A buffer overflow vulnerability exists in GTKWave version 3.3.115. The vulnerability stems from a boundary error in the fstReaderIterBlocks2 chaintable parsing function when processing untrusted input, which can be exploited by ...
GTKWave 安全漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A buffer overflow vulnerability exists in GTKWave version 3.3.115, which stems from a boundary error in the LXT2 lxt2rdexpandintegertobits function when handling untrusted input, and can be exploited by an attacker to cause...
GTKWave 缓冲区错误漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A code execution vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...
GTKWave 缓冲区错误漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A code execution vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...
GTKWave 资源管理错误漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A memory error-induced vulnerability exists in GTKWave version 3.3.118, which can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...
GTKWave 操作系统命令注入漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave version 3.3.115 suffers from an operating system command injection vulnerability that can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...
GTKWave 输入验证错误漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.118, which can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...
PT-2024-2952 · Gtkwave · Gtkwave
Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: An integer overflow vulnerability exists in the VZT longest len value allocation functionality. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious...
GTKWave 缓冲区错误漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A buffer overflow vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to cause arbitrary code execution via specially crafted .fst files...