Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virustotal yara 3.5.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-11328
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
Virustotal Yara 3.4.0
Virustotal Yara 3.6.2
Virustotal Yara 3.3.0
Virustotal Yara 3.6.3
Virustotal Yara 3.5.0
Virustotal Yara 3.6.0
Virustotal Yara 3.6.1
Virustotal Yara 3.1.0
Virustotal Yara 3.2.0
Virustotal Yara 3.0.0
7.5
CVSSv3
CVE-2017-8929
The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote malicious users to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2017-8294
libyara/re.c in the regex component in YARA 3.5.0 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2016-10210
libyara/lexer.l in YARA 3.5.0 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2017-5924
libyara/grammar.y in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2016-10211
libyara/grammar.y in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2017-5923
libyara/grammar.y in YARA 3.5.0 allows remote malicious users to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function.
Virustotal Yara 3.5.0
7.5
CVSSv3
CVE-2017-9304
libyara/re.c in the regexp module in YARA 3.5.0 allows remote malicious users to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.
Virustotal Yara 3.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started