Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virustotal yara vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-11328
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
Virustotal Yara 3.4.0
Virustotal Yara 3.6.2
Virustotal Yara 3.3.0
Virustotal Yara 3.6.3
Virustotal Yara 3.5.0
Virustotal Yara 3.6.0
Virustotal Yara 3.6.1
Virustotal Yara 3.1.0
Virustotal Yara 3.2.0
Virustotal Yara 3.0.0
7.8
CVSSv3
CVE-2018-12035
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
Virustotal Yara
5.5
CVSSv3
CVE-2021-45429
A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service.
Virustotal Yara
7.8
CVSSv3
CVE-2018-12034
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.
Virustotal Yara
5.5
CVSSv3
CVE-2019-5020
An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger...
Virustotal Yara 3.8.1
7.5
CVSSv3
CVE-2017-5924
libyara/grammar.y in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.
Virustotal Yara 3.5.0
8.8
CVSSv3
CVE-2023-40857
Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote malicious user to execute arbtirary code via the yr_execute_cod function in the exe.c component.
Virustotal Yara 4.3.2
7.5
CVSSv3
CVE-2016-10210
libyara/lexer.l in YARA 3.5.0 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2016-10211
libyara/grammar.y in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2017-8929
The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule.
Virustotal Yara 3.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »