Vulnerabilities (CVE)

Filtered by CWE-190
Total 2579 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-38653 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.0 HIGH
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero.
CVE-2023-38652 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.0 HIGH
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero.
CVE-2023-38651 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.0 HIGH
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero.
CVE-2023-38650 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.0 HIGH
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero.
CVE-2023-38623 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `vindex_offset` array.
CVE-2023-38622 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array.
CVE-2023-38621 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array.
CVE-2023-38620 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array.
CVE-2023-38619 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array.
CVE-2023-38618 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array.
CVE-2023-38560 1 Artifex 1 Ghostscript 2024-11-21 N/A 5.5 MEDIUM
An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.
CVE-2023-38403 4 Debian, Es, Fedoraproject and 1 more 4 Debian Linux, Iperf3, Fedora and 1 more 2024-11-21 N/A 7.5 HIGH
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
CVE-2023-38150 1 Microsoft 2 Windows 11 21h2, Windows 11 22h2 2024-11-21 N/A 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-38142 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-11-21 N/A 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-38127 1 Justsystems 19 Easy Postcard Max, Ichitaro 2021, Ichitaro 2022 and 16 more 2024-11-21 N/A 7.8 HIGH
An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause the parser to make an under-sized allocation, which can later allow for memory corruption, potentially resulting in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2023-37536 3 Apache, Fedoraproject, Hcltech 3 Xerces-c\+\+, Fedora, Bigfix Platform 2024-11-21 N/A 8.2 HIGH
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.
CVE-2023-36916 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table_lengths` array.
CVE-2023-36915 1 Tonybybell 1 Gtkwave 2024-11-21 N/A 7.8 HIGH
Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table` array.
CVE-2023-36911 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2024-11-21 N/A 9.8 CRITICAL
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-36910 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2024-11-21 N/A 9.8 CRITICAL
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability