7 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5923
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of- bounds read and application crash via a crafted rule tha...
OSV-2022-94 Heap-buffer-overflow in cli_strlcat
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44087 Crash type: Heap-buffer-overflow WRITE 1 Crash state: clistrlcat yarayyparse yrlexparserulesfile...
OSV-2018-170 Heap-use-after-free in yr_re_ast_split_at_chaining_point
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11752 Crash type: Heap-use-after-free READ 4 Crash state: yrreastsplitatchainingpoint yrparserreducestringdeclaration yarayyparse...
OSV-2020-345 Index-out-of-bounds in yara_yyparse
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18942 Crash type: Index-out-of-bounds Crash state: yarayyparse yrlexparserulesstring rulesfuzzer.cc...
YARA 'yara_yyparse()' function denial of service vulnerability
YARA is a set of tools used to help software researchers identify and categorize malware samples. regex component is one of the regular expression components. A denial of service vulnerability exists in the YARA 'yarayyparse' function. A remote attacker can exploit this vulnerability to cause a...
CVE-2017-5923
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...
Heap overflow
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...