Export limit exceeded: 44699 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 13947 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13947 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38583 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-37420 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility. | ||||
| CVE-2023-37419 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility. | ||||
| CVE-2023-37418 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility. | ||||
| CVE-2023-37417 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's interactive VCD parsing code. | ||||
| CVE-2023-37416 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's legacy VCD parsing code. | ||||
| CVE-2023-37282 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-36861 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-36747 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7 High |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when `beg_time` does not match the start of the time table. | ||||
| CVE-2023-36746 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7 High |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when parsing the time table. | ||||
| CVE-2023-35970 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of the `FST_BL_VCDATA_DYN_ALIAS2` section type. | ||||
| CVE-2023-35969 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types. | ||||
| CVE-2023-35704 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function. | ||||
| CVE-2023-35703 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function. | ||||
| CVE-2023-35702 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function. | ||||
| CVE-2023-34436 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | 7.8 High |
| An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-29491 | 2 Gnu, Redhat | 3 Ncurses, Enterprise Linux, Rhel Eus | 2025-11-04 | 7.8 High |
| ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. | ||||
| CVE-2022-38223 | 2 Fedoraproject, Tats | 2 Fedora, W3m | 2025-11-04 | 7.8 High |
| There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. | ||||
| CVE-2024-40777 | 1 Apple | 7 Ipad Os, Ipados, Iphone Os and 4 more | 2025-11-04 | 3.3 Low |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
| CVE-2024-38621 | 1 Linux | 1 Linux Kernel | 2025-11-04 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. The ->length is the length of the buffer. The ->bytesused is how many bytes we have copied thus far. When the condition is reversed that means the result of the subtraction is always negative but since it's unsigned then the result is a very high positive value. That means the overflow check is never true. Additionally, the ->bytesused doesn't actually work for this purpose because we're not writing to "buf->mem + buf->bytesused". Instead, the math to calculate the destination where we are writing is a bit involved. You calculate the number of full lines already written, multiply by two, skip a line if necessary so that we start on an odd numbered line, and add the offset into the line. To fix this buffer overflow, just take the actual destination where we are writing, if the offset is already out of bounds print an error and return. Otherwise, write up to buf->length bytes. | ||||