CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Prion•added 2018/12/17 7:29 p.m.•21 views

Design/Logic Flaw

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OPCOUNT can read a DWORD...

7.1CVSS5.4AI score0.00255EPSS

Exploits1References4Affected Software1

CVE•added 2018/12/17 6:0 p.m.•54 views

CVE-2018-19974

CVE-2018-19974 affects YARA 3.8.1, where bytecode in a specially crafted compiled rule can read uninitialized data from the VM scratch memory in libyara/exec.c, potentially revealing addresses from the real stack. The vulnerability is confined to the YARA runtime and arises from reading uninitial...

5.5CVSS5.1AI score0.00253EPSS

Exploits1References4Affected Software1

Debian CVE•added 2018/12/17 6:0 p.m.•21 views

CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

5.5CVSS5.5AI score0.00253EPSS

Exploits1

UbuntuCve•added 2018/06/15 4:29 p.m.•19 views

CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...

7.8CVSS7.1AI score0.0018EPSS

Exploits1References5

UbuntuCve•added 2018/06/15 4:29 p.m.•23 views

CVE-2018-12034

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yrexecutecode in libyara/exec.c...

7.8CVSS7.1AI score0.0018EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by