2218 matches found
GTKWave VZT vzt_rd_get_facname decompression out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2023-1813 GTKWave VZT vztrdgetfacname decompression out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-38649,CVE-2023-38648 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of...
GTKWave VZT LZMA_Read dmem extraction out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1810 GTKWave VZT LZMARead dmem extraction out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-37282 SUMMARY An out-of-bounds write vulnerability exists in the VZT LZMARead dmem extraction functionality of GTKWave 3.3.115. A specially crafted...
GTKWave VZT LZMA_read_varint out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1811 GTKWave VZT LZMAreadvarint out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-36861 SUMMARY An out-of-bounds write vulnerability exists in the VZT LZMAreadvarint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead ...
GTKWave FST FST_BL_GEOM parsing maxhandle integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1777 GTKWave FST FSTBLGEOM parsing maxhandle integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-32650 SUMMARY An integer overflow vulnerability exists in the FSTBLGEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-b...
GTKWave LXT2 lxt2_rd_trace value elements allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1821 GTKWave LXT2 lxt2rdtrace value elements allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35057 SUMMARY An integer overflow vulnerability exists in the LXT2 lxt2rdtrace value elements allocation functionality of GTKWave 3.3.11...
GTKWave VCD parse_valuechange portdump out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2023-1804 GTKWave VCD parsevaluechange portdump out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-37416,CVE-2023-37419,CVE-2023-37420,CVE-2023-37418,CVE-2023-37417 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the VCD...
GTKWave FST fstReaderIterBlocks2 chain_table parsing heap-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1789 GTKWave FST fstReaderIterBlocks2 chaintable parsing heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-35969,CVE-2023-35970 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chaintab...
GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1819 GTKWave LXT2 numtimetableentries out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-34436 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 numtimetableentries functionality of GTKWave 3.3.115. A specially crafted .lxt2...
GTKWave VZT facgeometry parsing integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1812 GTKWave VZT facgeometry parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38618,CVE-2023-38621,CVE-2023-38620,CVE-2023-38619,CVE-2023-38623,CVE-2023-38622 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT...
GTKWave FST fstReaderIterBlocks2 time_table tsec_nitems integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1792 GTKWave FST fstReaderIterBlocks2 timetable tsecnitems integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35128 SUMMARY An integer overflow vulnerability exists in the fstReaderIterBlocks2 timetable tsecnitems functionality of GTKWave...
GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1783 GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-35704,CVE-2023-35703,CVE-2023-35702 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of...
GTKWave VZT vzt_rd_process_block autosort out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2023-1817 GTKWave VZT vztrdprocessblock autosort out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-39235,CVE-2023-39234 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdprocessblock autosort functionality of GTKWave...
GTKWave VCD sorted bsearch arbitrary write vulnerabilities
Talos Vulnerability Report TALOS-2023-1807 GTKWave VCD sorted bsearch arbitrary write vulnerabilities January 8, 2024 CVE Number CVE-2023-37921,CVE-2023-37923,CVE-2023-37922 SUMMARY Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A...
GTKWave VZT vzt_rd_block_vch_decode times parsing integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1814 GTKWave VZT vztrdblockvchdecode times parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38651,CVE-2023-38650 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of...
GTKWave LXT2 zlib block allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1822 GTKWave LXT2 zlib block allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35989 SUMMARY An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 fil...
GTKWave LXT2 lxt2_rd_expand_integer_to_bits stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1827 GTKWave LXT2 lxt2rdexpandintegertobits stack-based buffer overflow vulnerability January 8, 2024 CVE Number CVE-2023-38583 SUMMARY A stack-based buffer overflow vulnerability exists in the LXT2 lxt2rdexpandintegertobits function of GTKWave 3.3.115. A...
GTKWave LXT2 lxt2_rd_iter_radix shift operation integer underflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1824 GTKWave LXT2 lxt2rditerradix shift operation integer underflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39413,CVE-2023-39414 SUMMARY Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of...
GTKWave FST fstReaderIterBlocks2 VCDATA parsing heap-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1785 GTKWave FST fstReaderIterBlocks2 VCDATA parsing heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-35956,CVE-2023-35957,CVE-2023-35958,CVE-2023-35955 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the...
GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1790 GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35992 SUMMARY An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115,...
GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1818 GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39273,CVE-2023-39271,CVE-2023-39274,CVE-2023-39275,CVE-2023-39272,CVE-2023-39270 SUMMARY Multiple integer overflow vulnerabilities exist in the LXT2...
GTKWave VZT vzt_rd_block_vch_decode dict parsing integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1815 GTKWave VZT vztrdblockvchdecode dict parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38653,CVE-2023-38652 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode dict parsing functionality of...
GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1793 GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-36747,CVE-2023-36746 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len...
GTKWave FST fstReaderIterBlocks2 chain_table allocation integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1798 GTKWave FST fstReaderIterBlocks2 chaintable allocation integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-36915,CVE-2023-36916 SUMMARY Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chaintable allocation...
GTKWave VCD var definition section out-of-bounds read vulnerabilities
Talos Vulnerability Report TALOS-2023-1805 GTKWave VCD var definition section out-of-bounds read vulnerabilities January 8, 2024 CVE Number CVE-2023-37447,CVE-2023-37446,CVE-2023-37445,CVE-2023-37444,CVE-2023-37442,CVE-2023-37443 SUMMARY Multiple out-of-bounds read vulnerabilities exist in the VC...
GTKWave VZT longest_len value allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1816 GTKWave VZT longestlen value allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35004 SUMMARY An integer overflow vulnerability exists in the VZT longestlen value allocation functionality of GTKWave 3.3.115. A specially crafted...
GTKWave decompression OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1786 GTKWave decompression OS command injection vulnerabilities January 8, 2024 CVE Number CVE-2023-35963,CVE-2023-35960,CVE-2023-35964,CVE-2023-35959,CVE-2023-35961,CVE-2023-35962 SUMMARY Multiple OS command injection vulnerabilities exist in the decompressi...
GTKWave VCD get_vartoken realloc use-after-free vulnerabilities
Talos Vulnerability Report TALOS-2023-1806 GTKWave VCD getvartoken realloc use-after-free vulnerabilities January 8, 2024 CVE Number CVE-2023-37576,CVE-2023-37577,CVE-2023-37573,CVE-2023-37578,CVE-2023-37575,CVE-2023-37574 SUMMARY Multiple use-after-free vulnerabilities exist in the VCD getvartok...
GTKWave FST fstReaderIterBlocks2 temp_signal_value_buf allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1797 GTKWave FST fstReaderIterBlocks2 tempsignalvaluebuf allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-36864 SUMMARY An integer overflow vulnerability exists in the fstReaderIterBlocks2 tempsignalvaluebuf allocation functionali...
GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities
Talos Vulnerability Report TALOS-2023-1791 GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities January 8, 2024 CVE Number CVE-2023-35994,CVE-2023-35996,CVE-2023-35997,CVE-2023-35995 SUMMARY Multiple improper array index validation vulnerabilities exist in the...
GTKWave EVCD var len parsing improper array index validation vulnerability
Talos Vulnerability Report TALOS-2023-1803 GTKWave EVCD var len parsing improper array index validation vulnerability January 8, 2024 CVE Number CVE-2023-34087 SUMMARY An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially...
ManageEngine OpManager uploadMib directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1851 ManageEngine OpManager uploadMib directory traversal vulnerability January 8, 2024 CVE Number CVE-2023-47211 SUMMARY A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP...
GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1823 GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-38657 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially craft...
GTKWave LXT2 lxt2_rd_get_facname decompression out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2023-1826 GTKWave LXT2 lxt2rdgetfacname decompression out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-39443,CVE-2023-39444 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A...
instipod DuoUniversalKeycloakAuthenticator challenge information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1907 instipod DuoUniversalKeycloakAuthenticator challenge information disclosure vulnerability December 23, 2023 CVE Number CVE-2023-49594 SUMMARY An information disclosure vulnerability exists in the challenge functionality of instipod...
GPSd NTRIP Stream Parsing access violation vulnerability
Talos Vulnerability Report TALOS-2023-1860 GPSd NTRIP Stream Parsing access violation vulnerability December 5, 2023 CVE Number CVE-2023-43628 SUMMARY An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead...
Buildroot package hash checking data integrity vulnerabilities
Talos Vulnerability Report TALOS-2023-1844 Buildroot package hash checking data integrity vulnerabilities December 5, 2023 CVE Number CVE-2023-45841,CVE-2023-45842,CVE-2023-45838,CVE-2023-45839,CVE-2023-45840 SUMMARY Multiple data integrity vulnerabilities exist in the package hash checking...
Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability
Talos Vulnerability Report TALOS-2023-1845 Buildroot BRNOCHECKHASHFOR data integrity vulnerability December 5, 2023 CVE Number CVE-2023-43608 SUMMARY A data integrity vulnerability exists in the BRNOCHECKHASHFOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted...
Foxit Reader Javascript exportDataObject arbitrary file creation vulnerability
Talos Vulnerability Report TALOS-2023-1833 Foxit Reader Javascript exportDataObject arbitrary file creation vulnerability November 27, 2023 CVE Number CVE-2023-40194 SUMMARY An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to...
Foxit Reader 3D Annot use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1837 Foxit Reader 3D Annot use-after-free vulnerability November 27, 2023 CVE Number CVE-2023-32616 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. A specially crafted Javascript code inside a malicio...
Foxit Reader field value property type confusion vulnerability
Talos Vulnerability Report TALOS-2023-1838 Foxit Reader field value property type confusion vulnerability November 27, 2023 CVE Number CVE-2023-41257 SUMMARY A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript...
Foxit Reader Javascript exportDataObject HTA file creation vulnerability
Talos Vulnerability Report TALOS-2023-1834 Foxit Reader Javascript exportDataObject HTA file creation vulnerability November 27, 2023 CVE Number CVE-2023-35985 SUMMARY An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a...
WPS Office ET Data use of uninitialized pointer vulnerability
Talos Vulnerability Report TALOS-2023-1748 WPS Office ET Data use of uninitialized pointer vulnerability November 27, 2023 CVE Number CVE-2023-31275 SUMMARY An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel fil...
Foxit Reader signature field OnBlur event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1839 Foxit Reader signature field OnBlur event use-after-free vulnerability November 27, 2023 CVE Number CVE-2023-38573 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. A specially crafted Javascrip...
Foxit Reader Javascript saveAs arbitrary file creation vulnerability
Talos Vulnerability Report TALOS-2023-1832 Foxit Reader Javascript saveAs arbitrary file creation vulnerability November 27, 2023 CVE Number CVE-2023-39542 SUMMARY A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file c...
Microsoft Office Professional Plus 2019 FCommitHtmlPivotCacheElement use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1835 Microsoft Office Professional Plus 2019 FCommitHtmlPivotCacheElement use-after-free vulnerability November 15, 2023 CVE Number CVE-2023-36041 SUMMARY A use-after-free vulnerability exists in the ElementType attribute parsing in Microsoft Office...
Adobe Acrobat Reader Thermometer use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1794 Adobe Acrobat Reader Thermometer use-after-free vulnerability November 15, 2023 CVE Number CVE-2023-44336 SUMMARY A use-after-free vulnerability exists in the Thermometer Javascript object in Adobe Acrobat Reader 2023.001.20174. Specially crafted...
Adobe Acrobat Reader U3D page event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1842 Adobe Acrobat Reader U3D page event use-after-free vulnerability November 15, 2023 CVE Number CVE-2023-44372 SUMMARY A use-after-free vulnerability exists in the page event processing in Adobe Acrobat Reader 2023.006.20320. A specially crafted Javascript...
Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1733 Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability November 14, 2023 CVE Number CVE-2023-27882 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston...
Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1732 Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-28391 SUMMARY A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Speciall...
Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1746 Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-31247 SUMMARY A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded...