69 matches found
CVE-2026-42482
A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted rule file, or via the -j or -k rule options used with password candidates of 128 or more...
CVE-2026-42482
Hashcat CVE-2026-42482 affects v7.1.2, describing a stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c. The bound check does not account for 2x expansion when converting password bytes to hexadecimal, enabling a vulnerability that could allow denial of ...
Remote Code Execution (RCE)
Giskard is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe rendering of user-controlled input using Jinja2 Template without validation, which allows an attacker to execute arbitrary code through crafted rule definitions...
EUVD-2016-1396
Malware in sbrugna...
EUVD-2017-18239
Malware in sbrugna...
EUVD-2018-11642
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-9304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in...
Linux Distros Unpatched Vulnerability : CVE-2016-10210
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is...
Linux Distros Unpatched Vulnerability : CVE-2017-8929
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a...
Linux Distros Unpatched Vulnerability : CVE-2016-10211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled ...
ROS-2-2174
2.2174 Vulnerability in SpamAssassin spam filtering tool (CVE-2020-1946). 1. Vulnerability Description: CVE-2020-1946: A vulnerability in the SpamAssassin spam filtering tool is related to improper input validation when processing rule configuration (.cf) files. Exploitation of the vulnerability could...
SUSE CVE-2016-10210
libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function...
SUSE CVE-2016-10211
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function...
SUSE CVE-2017-5924
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function...
SUSE CVE-2017-8294
libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function...
SUSE CVE-2017-8929
The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule...
SUSE CVE-2017-9304
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the yr_re_emit function...
SUSE CVE-2020-1930
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same...
CVE-2022-31860
An issue was discovered in OpenRemote through 1.0.4 that allows attackers to execute arbitrary code via a crafted Groovy rule...
ROS-2-2246
2.2246 Vulnerability in SpamAssassin spam filtering tool (CVE-2020-1946). 1. Vulnerability Description: CVE-2020-1946: A vulnerability in the SpamAssassin spam filtering tool is related to improper input validation when processing rule configuration (.cf) files. Exploitation of the vulnerability could...