CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37577 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37577
08 Jan 2024 — Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt2 conversion utility. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente mani... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37576 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37576
08 Jan 2024 — Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2vzt conversion utility. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente manip... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37575 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37575
08 Jan 2024 — Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's interactive VCD parsing code. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmen... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37574 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37574
08 Jan 2024 — Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's legacy VCD parsing code. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente ma... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37573 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37573
08 Jan 2024 — Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's recoder (default) VCD parsing code. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd espec... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37923 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37923
08 Jan 2024 — Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt conversion utility. Existen múltiples vulnerabilidades de escritura arbitraria en la funcionalidad VCD sorted bsearch de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado p... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-118: Incorrect Access of Indexable Resource ('Range Error') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37922 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37922
08 Jan 2024 — Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt2 conversion utility. Existen múltiples vulnerabilidades de escritura arbitraria en la funcionalidad VCD sorted bsearch de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado ... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-118: Incorrect Access of Indexable Resource ('Range Error') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37921 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37921
08 Jan 2024 — Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2vzt conversion utility. Existen múltiples vulnerabilidades de escritura arbitraria en la funcionalidad VCD sorted bsearch de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado p... • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-118: Incorrect Access of Indexable Resource ('Range Error') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37282 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-37282
08 Jan 2024 — An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. Existe una vulnerabilidad de escritura fuera de los límites en la funcionalidad de extracción dmem VZT LZMA_Read de GTKWave 3.3.115. Un archivo .vzt especialmente manipulado puede provocar la ejecución de código arbitrario. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36861 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-36861
08 Jan 2024 — An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. Existe una vulnerabilidad de escritura fuera de los límites en la funcionalidad VZT LZMA_read_varint de GTKWave 3.3.115. Un archivo .vzt especialmente manipulado puede provocar la ejecución de código arbitrario. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •