Export limit exceeded: 20058 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20058 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37419 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility. | ||||
| CVE-2023-37418 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility. | ||||
| CVE-2023-37417 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's interactive VCD parsing code. | ||||
| CVE-2023-37416 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's legacy VCD parsing code. | ||||
| CVE-2023-37282 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-36861 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-36747 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7 High |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when `beg_time` does not match the start of the time table. | ||||
| CVE-2023-36746 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7 High |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when parsing the time table. | ||||
| CVE-2023-36498 | 1 Tp-link | 2 Er7206, Er7206 Firmware | 2025-11-04 | 7.2 High |
| A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability and gain access to an unrestricted shell. | ||||
| CVE-2023-35970 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of the `FST_BL_VCDATA_DYN_ALIAS2` section type. | ||||
| CVE-2023-35969 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types. | ||||
| CVE-2023-35964 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt` utility. | ||||
| CVE-2023-35963 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility. | ||||
| CVE-2023-35962 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt` utility. | ||||
| CVE-2023-35961 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`. | ||||
| CVE-2023-35960 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in `vcd_main`. | ||||
| CVE-2023-35959 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression. | ||||
| CVE-2023-35704 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function. | ||||
| CVE-2023-35703 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function. | ||||
| CVE-2023-35702 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function. | ||||