CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32650 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-32650
08 Jan 2024 — An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de enteros en la funcionalidad de análisis maxhandle FST_BL_GEOM de GTKWave 3.3.115, cuando se compila como un binario de 32 bits. Un archivo .fst especialmente manipulado puede provoca... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35704 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35704
08 Jan 2024 — Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function. Existen múltiples vulnerabilidades de desbordamiento de búfer en la región stack de la memoria en la funcionalidad variante FST LEB128 de GTKWave 3.3.115. Un archivo .fst especialm... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35703 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35703
08 Jan 2024 — Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function. Existen múltiples vulnerabilidades de desbordamiento de búfer en la región stack de la memoria en la funcionalidad variante FST LEB128 de GTKWave 3.3.115. Un archivo .fst especialmente man... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35702 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35702
08 Jan 2024 — Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function. Existen múltiples vulnerabilidades de desbordamiento de búfer en la región stack de la memoria en la funcionalidad variante FST LEB128 de GTKWave 3.3.115. Un archivo .fst especialmente man... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35958 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35958
08 Jan 2024 — Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the copy function `fstFread`. Existen múltiples vulnerabilidades de desbordamiento de búfer de almacenamiento dinámico en la funcionalidad de análisis VCDATA fstReaderIterBlocks2 de GTKWave 3.3.115. Un a... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35957 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35957
08 Jan 2024 — Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `uncompress`. Existen múltiples vulnerabilidades de desbordamiento de búfer de almacenamiento dinámico en la funcionalidad de análisis VCDATA fstReaderIterBlocks2 de GTKWave 3.... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35956 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35956
08 Jan 2024 — Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `fastlz_decompress`. Existen múltiples vulnerabilidades de desbordamiento del búfer en la región Heap de la memoria en la funcionalidad de análisis VCDATA fstReaderIterBlocks2 ... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35955 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35955
08 Jan 2024 — Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `LZ4_decompress_safe_partial`. Existen múltiples vulnerabilidades de desbordamiento de búfer de almacenamiento dinámico en la funcionalidad de análisis VCDATA fstReaderIterBloc... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35964 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35964
08 Jan 2024 — Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt` utility. Existen múltiples vulnerabilidades de inyección de comandos del sistema operativo en la funcionalidad de descompresión de GTKWave 3.3.115. Un archivo wave especialmente manipulado puede pr... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35963 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35963
08 Jan 2024 — Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility. Existen múltiples vulnerabilidades de inyección de comandos del sistema operativo en la funcionalidad de descompresión de GTKWave 3.3.115. Un archivo wave especialmente manipulado puede p... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •