{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T21:51:01.128","vulnerabilities":[{"cve":{"id":"CVE-2023-39444","sourceIdentifier":"talos-cna@cisco.com","published":"2024-01-08T15:15:25.090","lastModified":"2025-11-04T19:15:54.890","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop."},{"lang":"es","value":"Existen múltiples vulnerabilidades de escritura fuera de los límites en la funcionalidad de análisis LXT2 de GTKWave 3.3.115. Un archivo .lxt2 especialmente manipulado puede provocar la ejecución de código arbitrario. Una víctima necesitaría abrir un archivo malicioso para activar estas vulnerabilidades. Esta vulnerabilidad se refiere a la escritura fuera de los límites realizada por el bucle de copia de cadena."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tonybybell:gtkwave:3.3.115:*:*:*:*:*:*:*","matchCriteriaId":"3C619471-C2FB-4A2C-894C-2562A6BA76DF"}]}]}],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html","source":"talos-cna@cisco.com"},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1826","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}