) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:virustotal:yara:3.8.1
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2021-3402 |
An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4 Published: May 14, 2021; 5:15:07 PM -0400 |
V3.1: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2019-5020 |
An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerability. Published: July 31, 2019; 1:15:11 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2018-19976 |
In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine. Published: December 17, 2018; 2:29:02 PM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2018-19975 |
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD. Published: December 17, 2018; 2:29:01 PM -0500 |
V3.0: 5.5 MEDIUM V2.0: 7.1 HIGH |
| CVE-2018-19974 |
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack). Published: December 17, 2018; 2:29:01 PM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |