Linux Distros Unpatched Vulnerability : CVE-2017-5923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of- bounds read and application crash via a crafted rule tha...

Linux Distros Unpatched Vulnerability : CVE-2017-9304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in...

Linux Distros Unpatched Vulnerability : CVE-2018-12034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yrexecutecode in libyara/exec.c...

OPENSUSE-SU-2024:11530-1 libyara-devel-4.1.1-1.2 on GA media

These are all security issues fixed in the libyara-devel-4.1.1-1.2 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2016-10210

libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted rule that is mishandled in the yygetnextbuffer function...

SUSE CVE-2017-8929

The sizedstringcmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule...

SUSE CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...

SUSE CVE-2018-12034

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yrexecutecode in libyara/exec.c...

SUSE CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

SUSE CVE-2018-19976

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine...

PT-2022-12351

Name of the Vulnerable Software and Affected Versions VirusTotal YARA affected versions not specified Description A Buffer Overflow issue exists in VirusTotal YARA, specifically via yr set configuration in yara/libyara/libyara.c, which could cause a Denial of Service. Recommendations At the momen...

CVE-2021-3402

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4...

DEBIAN-CVE-2021-3402

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4...

Integer overflow

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4...

CVE-2021-3402

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4...

CVE-2021-3402

CVE-2021-3402 affects YARA v4.0.3 and earlier due to an integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c. This can allow a malicious Mach-O file to cause a denial of service or information disclosure . The vulnerability is fixed in libyara 4.0.4 ; upgrading to t...

CVE-2021-3402

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4...

YARA 输入验证错误漏洞

YARA is a set of tools used to help software researchers identify and categorize malware samples. An input validation error vulnerability in YARA v4.0.3 and earlier, which stems from integer overflow and buffer overflow reads in libyara/modules/macho/macho.c, allows attackers to cause a denial of...

YARA libyara/exec.c file information disclosure vulnerability (CNVD-2019-32348)

YARA is a set of tools used to help software researchers identify and categorize malware samples. A security vulnerability exists in the libyara/exec.c file in YARA version 3.8.1. An attacker can exploit the vulnerability to obtain addresses in the real stack...

YARA libyara/exec.c File Information Disclosure Vulnerability

YARA is a set of tools used to help software researchers identify and categorize malware samples. A security vulnerability exists in the libyara/exec.c file in YARA version 3.8.1. An attacker could exploit this vulnerability to obtain environment information...