Yara Security Vulnerabilities and Issues — Yara CVE List

Lucene search

VirustotalYara

5 matches found

CVE•added 2017/04/27 2:59 p.m.•48 views

CVE-2017-8294

libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.

7.5CVSS7AI score0.00514EPSS

CVE•added 2017/04/03 5:59 a.m.•41 views

CVE-2016-10211

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.

7.5CVSS7AI score0.00787EPSS

CVE•added 2017/04/03 5:59 a.m.•40 views

CVE-2017-5924

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.

7.5CVSS7.1AI score0.00546EPSS

CVE•added 2017/04/03 5:59 a.m.•38 views

CVE-2016-10210

libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.

7.5CVSS7AI score0.00641EPSS

CVE•added 2017/04/03 5:59 a.m.•37 views

CVE-2017-5923

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function.

7.5CVSS7AI score0.00787EPSS