Virustotal Yara

Do you want an email whenever new security vulnerabilities are reported in Virustotal Yara?

By the Year

In 2021 there have been 1 vulnerability in Virustotal Yara with an average score of 9.1 out of ten. Yara did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2021 as compared to last year.

Year	Vulnerabilities	Average Score
2021	1	9.10
2020	0	0.00
2019	2	6.65
2018	5	6.42

It may take a day or so for new Yara vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Virustotal Yara Security Vulnerabilities

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could

CVE-2021-3402 9.1 - Critical - May 14, 2021

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4

Integer Overflow or Wraparound

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size

CVE-2019-19648 7.8 - High - December 09, 2019

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution.

Out-of-bounds Read

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1

CVE-2019-5020 5.5 - Medium - July 31, 2019

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerability.

Improper Input Validation

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c

CVE-2018-19974 5.5 - Medium - December 17, 2018

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).

Use of Uninitialized Resource

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c

CVE-2018-19975 5.5 - Medium - December 17, 2018

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.

Out-of-bounds Read

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c

CVE-2018-19976 5.5 - Medium - December 17, 2018

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.

Information Disclosure

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file

CVE-2018-12034 7.8 - High - June 15, 2018

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.

Out-of-bounds Read

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file

CVE-2018-12035 7.8 - High - June 15, 2018

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.

Memory Corruption

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings)

CVE-2017-9438 7.5 - High - June 05, 2017

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.

Stack Exhaustion

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Virustotal Yara or by Virustotal? Click the Watch button to subscribe.

Virustotal
Vendor

Virustotal Yara
Product

Virustotal Yara

By the Year

Recent Virustotal Yara Security Vulnerabilities

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could CVE-2021-3402 9.1 - Critical - May 14, 2021

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size CVE-2019-19648 7.8 - High - December 09, 2019

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1 CVE-2019-5020 5.5 - Medium - July 31, 2019

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c CVE-2018-19974 5.5 - Medium - December 17, 2018

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c CVE-2018-19975 5.5 - Medium - December 17, 2018

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c CVE-2018-19976 5.5 - Medium - December 17, 2018

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file CVE-2018-12034 7.8 - High - June 15, 2018

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file CVE-2018-12035 7.8 - High - June 15, 2018

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) CVE-2017-9438 7.5 - High - June 05, 2017

Stay on top of Security Vulnerabilities

Virustotal Vendor

Virustotal YaraProduct

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could

CVE-2021-3402 9.1 - Critical - May 14, 2021

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size

CVE-2019-19648 7.8 - High - December 09, 2019

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1

CVE-2019-5020 5.5 - Medium - July 31, 2019

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c

CVE-2018-19974 5.5 - Medium - December 17, 2018

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c

CVE-2018-19975 5.5 - Medium - December 17, 2018

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c

CVE-2018-19976 5.5 - Medium - December 17, 2018

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file

CVE-2018-12034 7.8 - High - June 15, 2018

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file

CVE-2018-12035 7.8 - High - June 15, 2018

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings)

CVE-2017-9438 7.5 - High - June 05, 2017

Virustotal
Vendor

Virustotal Yara
Product