Virustotal

Yara

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-40857

Exploit
  • EPSS 1.3%
  • Veröffentlicht 28.08.2023 22:15:09
  • Zuletzt bearbeitet 21.11.2024 08:20:14

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.

5.5

CVE-2021-45429

Exploit
  • EPSS 0.07%
  • Veröffentlicht 04.02.2022 19:15:08
  • Zuletzt bearbeitet 27.03.2025 15:09:12

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service.

9.1

CVE-2021-3402

Exploit
  • EPSS 1.05%
  • Veröffentlicht 14.05.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:25

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions be...

7.8

CVE-2019-19648

Exploit
  • EPSS 0.56%
  • Veröffentlicht 09.12.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:35:07

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or...

5.5

CVE-2019-5020

Exploit
  • EPSS 0.29%
  • Veröffentlicht 31.07.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:44:12

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create...

5.5

CVE-2018-19976

Exploit
  • EPSS 0.26%
  • Veröffentlicht 17.12.2018 19:29:02
  • Zuletzt bearbeitet 21.11.2024 03:58:55

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.

7.1

CVE-2018-19975

Exploit
  • EPSS 0.24%
  • Veröffentlicht 17.12.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 03:58:55

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.

5.5

CVE-2018-19974

Exploit
  • EPSS 0.26%
  • Veröffentlicht 17.12.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 03:58:55

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).

7.8

CVE-2018-12034

Exploit
  • EPSS 0.31%
  • Veröffentlicht 15.06.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:27

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.

7.8

CVE-2018-12035

Exploit
  • EPSS 0.31%
  • Veröffentlicht 15.06.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:27

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.