Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virustotal yara vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-11328
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
Virustotal Yara 3.6.1
Virustotal Yara 3.6.2
Virustotal Yara 3.6.3
Virustotal Yara 3.0.0
Virustotal Yara 3.3.0
Virustotal Yara 3.5.0
Virustotal Yara 3.4.0
Virustotal Yara 3.6.0
Virustotal Yara 3.1.0
Virustotal Yara 3.2.0
605
VMScore
CVE-2018-12035
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
Virustotal Yara
605
VMScore
CVE-2018-12034
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.
Virustotal Yara
383
VMScore
CVE-2021-45429
A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service.
Virustotal Yara
445
VMScore
CVE-2017-8929
The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote malicious users to cause a denial of service (use-after-free and application crash) via a crafted rule.
Virustotal Yara 3.5.0
446
VMScore
CVE-2017-9304
libyara/re.c in the regexp module in YARA 3.5.0 allows remote malicious users to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.
Virustotal Yara 3.5.0
NA
CVE-2023-40857
Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote malicious user to execute arbtirary code via the yr_execute_cod function in the exe.c component.
Virustotal Yara 4.3.2
383
VMScore
CVE-2018-19974
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow malicious users to discover addresses in the real stack (not the YARA virtual stack).
Virustotal Yara 3.8.1
632
VMScore
CVE-2018-19975
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.
Virustotal Yara 3.8.1
383
VMScore
CVE-2018-19976
In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.
Virustotal Yara 3.8.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »