Lucene search
K

5 matches found

Ubuntu
Ubuntu
added 2026/03/09 4:6 p.m.9 views

USN-8080-1: YARA vulnerabilities

Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...

9.1CVSS7.2AI score0.02996EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.22 views

Fedora 30 : python-yara / yara (2019-c3627a0e7a)

update to the bugfix release 3.9.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Netwo...

5.5CVSS5.6AI score0.01276EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/01/08 12:0 a.m.24 views

YARA <= 3.8.1 Multiple Vulnerabilities

YARA is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...

7.1CVSS5.5AI score0.01359EPSS
Exploits3References4
CVE
CVE
added 2018/12/17 6:0 p.m.63 views

CVE-2018-19974

CVE-2018-19974 affects YARA 3.8.1, where bytecode in a specially crafted compiled rule can read uninitialized data from the VM scratch memory in libyara/exec.c, potentially revealing addresses from the real stack. The vulnerability is confined to the YARA runtime and arises from reading uninitial...

5.5CVSS5.1AI score0.01276EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2018/12/17 6:0 p.m.24 views

CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

5.5CVSS5.5AI score0.01276EPSS
Exploits1
Rows per page
Query Builder