CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37577
https://notcve.org/view.php?id=CVE-2023-37577
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt2 conversion utility. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado puede provocar la ejecución de código arbitrario. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37576
https://notcve.org/view.php?id=CVE-2023-37576
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2vzt conversion utility. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado puede provocar la ejecución de código arbitrario. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37575
https://notcve.org/view.php?id=CVE-2023-37575
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's interactive VCD parsing code. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado puede provocar la ejecución de código arbitrario. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37574
https://notcve.org/view.php?id=CVE-2023-37574
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's legacy VCD parsing code. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado puede provocar la ejecución de código arbitrario. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37573
https://notcve.org/view.php?id=CVE-2023-37573
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's recoder (default) VCD parsing code. Existen múltiples vulnerabilidades de use-after-free en la funcionalidad de realloc VCD get_vartoken de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado puede provocar la ejecución de código arbitrario. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806 • CWE-416: Use After Free •