Lucene search
K
SleuthkitThe Sleuth Kit

18 matches found

CVE
CVE
added 2023/01/24 12:0 a.m.171 views

CVE-2022-45639

SLEUTHKIT: CVE-2022-45639 affects the fls tool (SleuthKit) 4.11.1, enabling OS command injection via a crafted value to the -m parameter. The vulnerability stems from the handling of the input in the m field, potentially allowing an attacker to execute arbitrary commands on the host when run loca...

7.8CVSS8AI score0.0466EPSS
CVE
CVE
added 2020/03/08 11:52 p.m.152 views

CVE-2020-10232

The Sleuth Kit (TSK) up to version 4.8.0 contains a stack buffer overflow in the YAFFS file timestamp parsing in yaffsfs_istat() (fs/yaffs.c). Affected component is the YAFFS timestamp parsing logic; impact is high (potential crash or exploitation as implied by CVSS). Remediation: upgrade to newe...

9.8CVSS9.4AI score0.02419EPSS
CVE
CVE
added 2020/03/08 11:52 p.m.133 views

CVE-2020-10233

CVE-2020-10233 affects The Sleuth Kit (TSK) up to version 4.8.0, where a heap-based buffer over-read occurs in ntfs_dinode_lookup (fs/ntfs.c). Exploitation details are not provided in the available documents, but multiple sources indicate this fixed with a 4.9.0 release. Remediation: upgrade to T...

9.1CVSS9.3AI score0.02352EPSS
CVE
CVE
added 2018/11/29 11:0 p.m.107 views

CVE-2018-19497

CVE-2018-19497 affects The Sleuth Kit (TSK) up to 4.6.4 via hfs_cat_traverse in tsk/fs/hfs.c, where an oversized key length can cause a denial of service (SEGV in tsk_getu16 during hfs_dir_open_meta_cb). Public docsets indicate mitigations/patches: Debian LTS/DLA-3054-1 fixes SleuthKit in Debian ...

6.5CVSS6.2AI score0.01523EPSS
CVE
CVE
added 2019/07/18 4:5 p.m.79 views

CVE-2019-1010065

The CVE affects The Sleuth Kit (TSK) 4.6.0 and earlier, where an Integer Overflow in tsk/fs/hfs.c (hfs_cat_traverse()) can cause a crash when opening a crafted HFS disk image. Affected component is the fls tool for HFS images, with the crash trace at hfs_dent.c:237 and references to hfs_cat_trave...

6.5CVSS6.4AI score0.01373EPSS
CVE
CVE
added 2017/08/29 11:0 p.m.73 views

CVE-2017-13760

CVE-2017-13760 affects The Sleuth Kit (TSK) 4.4.2, where fls hangs when processing a corrupt exFAT image due to a flaw in tsk_img_read() (tsk/img/img_io.c, libtskimg.a). The issue is explicitly noted in multiple open-source advisories and Debian/Mageia references tied to TSK 4.4.2 with exFAT scen...

5.5CVSS5.5AI score0.00739EPSS
CVE
CVE
added 2017/08/29 10:0 p.m.72 views

CVE-2017-13755

CVE-2017-13755 affects The Sleuth Kit (TSK) 4.4.2, where opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() (tsk/fs/iso9660_dent.c). Related issues include CVE-2017-13756 (infinite recursion in dos_load_ext_table() used by mmls) and CVE-2017-13760 (fls hang on c...

5.5CVSS5.4AI score0.00744EPSS
CVE
CVE
added 2019/08/02 2:7 p.m.72 views

CVE-2019-14532

CVE-2019-14532 affects The Sleuth Kit (TSK) 4.6.6, with an off-by-one overwrite caused by an underflow in tools/hashtools/hfind.cpp when using a bogus hash table. The vulnerability can be exploited remotely (network) with no authentication and no user interaction, yielding partial confidentiality...

9.8CVSS9.1AI score0.02099EPSS
CVE
CVE
added 2017/08/29 10:0 p.m.67 views

CVE-2017-13756

The Sleuth Kit (TSK) 4.4.2 contains CVE-2017-13756, where opening a crafted disk image triggers infinite recursion in dos_load_ext_table() (tsk/vs/dos.c) inside libtskvs.a, potentially causing a crash. Public notices across distributions report fixes: Debian’s sleuthkit package update (e.g., 4.4....

5.5CVSS5.5AI score0.00703EPSS
CVE
CVE
added 2014/09/29 10:0 p.m.55 views

CVE-2012-5619

Summary (CVE-2012-5619) The Sleuth Kit (TSK) 4.0.1 fails to properly handle "." (dotfile) entries on FAT and other non-reserved-name filesystems, enabling local attackers to obscure forensic activity (e.g., Flame’s demonstration). Connected documents corroborate this dotfile handling issue and it...

2.1CVSS5.1AI score0.00353EPSS
CVE
CVE
added 2018/06/05 11:0 a.m.52 views

CVE-2018-11740

The Sleuth Kit (TSK) vulnerability CVE-2018-11740 affects libtskbase.a (TSK) from releases 4.0.2 through 4.6.1. The issue is an out-of-bounds read in tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c, which could allow an attacker to disclose information or read unmapped memory, potentially causing a den...

8.1CVSS5.4AI score0.0131EPSS
CVE
CVE
added 2018/06/05 11:0 a.m.51 views

CVE-2018-11739

CVE-2018-11739 affects The Sleuth Kit (TSK) libtskimg.a, specifically the raw_read function in tsk/img/raw.c, with out-of-bounds reads in TS K releases 4.0.2–4.6.1. This can disclose memory content or cause a denial of service. The issue is confirmed across multiple connected sources; remediation...

8.1CVSS6.1AI score0.01302EPSS
CVE
CVE
added 2018/06/05 11:0 a.m.48 views

CVE-2018-11737

The Sleuth Kit (TSK) libtskfs.a releases 4.0.2–4.6.1 contain an out-of-bounds read in ntfs_fix_idxrec (tsk/fs/ntfs_dent.cpp) that could disclose information or read from unmapped memory, causing a denial of service (CVE-2018-11737). Related issues include CVE-2018-11738 (ntfs_make_data_run), CVE-...

8.1CVSS5.7AI score0.01326EPSS
CVE
CVE
added 2018/06/05 11:0 a.m.46 views

CVE-2018-11738

The Sleuth Kit (TSK) libtskfs.a versions 4.0.2–4.6.1 are affected by CVE-2018-11738 due to an out-of-bounds read in ntfs_make_data_run (tsk/fs/ntfs.c). This can disclose information or allow reading unmapped memory, potentially causing a denial of service. Connected advisories note fixes in later...

8.1CVSS6.1AI score0.01326EPSS
CVE
CVE
added 2019/08/02 2:7 p.m.45 views

CVE-2019-14531

CVE-2019-14531 describes an out-of-bounds read in The Sleuth Kit (TSK) v4.6.6 while parsing System Use Sharing Protocol data in fs/iso9660.c (iso9660). The issue is tied to TSK’s handling of ISO9660 data; the connected sources confirm the exact affected component and location, but do not provide ...

9.8CVSS9.4AI score0.01804EPSS
CVE
CVE
added 2026/04/08 9:35 p.m.22 views

CVE-2026-40025

The vulnerability CVE-2026-40025 affects Sleuth Kit up to version 4.14.0, in the APFS filesystem keybag parser. The root cause is an out-of-bounds read: the wrapped_key_parser uses attacker-controlled length fields without bounds checking, enabling heap reads past the allocated buffer. A crafted ...

6.1CVSS5.9AI score0.00123EPSS
CVE
CVE
added 2026/04/08 9:35 p.m.18 views

CVE-2026-40024

The vulnerability affects Sleuth Kit up to version 4.14.0, specifically in the tsk_recover component. A path traversal flaw allows an attacker to write files outside the intended recovery directory by crafting filesystem images with embedded /.. sequences in filenames, which can lead to overwriti...

8.4CVSS6.5AI score0.00167EPSS
CVE
CVE
added 2026/04/08 9:35 p.m.11 views

CVE-2026-40026

CVE-2026-40026 affects The Sleuth Kit up to version 4.14.0. The ISO9660 SUSP extension parser’s parse_susp() trusts length fields (len_id, len_des, len_src) from the disk image and copies data into a stack buffer without validating source bounds, enabling reads past the SUSP data buffer and poten...

7.1CVSS6AI score0.00126EPSS