{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T20:46:04.682","vulnerabilities":[{"cve":{"id":"CVE-2023-37443","sourceIdentifier":"talos-cna@cisco.com","published":"2024-01-08T15:15:16.517","lastModified":"2025-11-04T19:15:48.993","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's legacy VCD parsing code."},{"lang":"es","value":"Existen múltiples vulnerabilidades de lectura fuera de los límites en la funcionalidad de la sección de definición de VCD var de GTKWave 3.3.115. Un archivo .vcd especialmente manipulado puede provocar la ejecución de código arbitrario. Una víctima necesitaría abrir un archivo malicioso para activar estas vulnerabilidades. Esta vulnerabilidad se refiere a la lectura fuera de los límites cuando se activa a través del código de análisis VCD heredado de la GUI."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tonybybell:gtkwave:3.3.115:*:*:*:*:*:*:*","matchCriteriaId":"3C619471-C2FB-4A2C-894C-2562A6BA76DF"}]}]}],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html","source":"talos-cna@cisco.com"},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1805","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}