Filtered by vendor Tonybybell
Subscribe
Total
82 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37444 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's interactive VCD parsing code.
|
|||||
| CVE-2023-37443 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's legacy VCD parsing code.
|
|||||
| CVE-2023-37442 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's default VCD parsing code.
|
|||||
| CVE-2023-37420 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility.
|
|||||
| CVE-2023-37419 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility.
|
|||||
| CVE-2023-37418 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility.
|
|||||
| CVE-2023-37417 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's interactive VCD parsing code.
|
|||||
| CVE-2023-37416 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's legacy VCD parsing code.
|
|||||
| CVE-2023-37282 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-36916 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table_lengths` array.
|
|||||
| CVE-2023-36915 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table` array.
|
|||||
| CVE-2023-36864 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
An integer overflow vulnerability exists in the fstReaderIterBlocks2 temp_signal_value_buf allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-36861 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-36747 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.0 HIGH |
|
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when `beg_time` does not match the start of the time table.
|
|||||
| CVE-2023-36746 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.0 HIGH |
|
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when parsing the time table.
|
|||||
| CVE-2023-35997 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 2 or more.
|
|||||
| CVE-2023-35996 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 0.
|
|||||
| CVE-2023-35995 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 1.
|
|||||
| CVE-2023-35994 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta initialization part.
|
|||||
| CVE-2023-35992 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.0 HIGH |
|
An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-35989 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-35970 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of the `FST_BL_VCDATA_DYN_ALIAS2` section type.
|
|||||
| CVE-2023-35969 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types.
|
|||||
| CVE-2023-35964 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt` utility.
|
|||||
| CVE-2023-35963 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility.
|
|||||
| CVE-2023-35962 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt` utility.
|
|||||
| CVE-2023-35961 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`.
|
|||||
| CVE-2023-35960 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in `vcd_main`.
|
|||||
| CVE-2023-35959 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression.
|
|||||
| CVE-2023-35958 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the copy function `fstFread`.
|
|||||
| CVE-2023-35957 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `uncompress`.
|
|||||
| CVE-2023-35956 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `fastlz_decompress`.
|
|||||
| CVE-2023-35955 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `LZ4_decompress_safe_partial`.
|
|||||
| CVE-2023-35704 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function.
|
|||||
| CVE-2023-35703 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function.
|
|||||
| CVE-2023-35702 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function.
|
|||||
| CVE-2023-35128 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.0 HIGH |
|
An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-35057 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-35004 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-34436 | 1 Tonybybell | 1 Gtkwave | 2025-11-04 | N/A | 7.8 HIGH |
|
An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
|
|||||