Known Vulnerabilities for products from Virustotal
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Virustotal".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-40857 json | Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execut... | 8.8 - HIGH | 2023-08-28 | 2023-08-31 |
| CVE-2021-45429 json | A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_conf... | 5.5 - MEDIUM | 2022-02-04 | 2024-02-02 |
| CVE-2021-3402 json | An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow... | 9.1 - CRITICAL | 2021-05-14 | 2023-11-07 |
| CVE-2019-19648 json | In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A... | 7.8 - HIGH | 2019-12-09 | 2023-11-07 |
| CVE-2019-5020 json | An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted b... | 5.5 - MEDIUM | 2019-07-31 | 2022-06-13 |
| CVE-2018-19976 json | In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec... | 5.5 - MEDIUM | 2018-12-17 | 2023-11-07 |
| CVE-2018-19975 json | In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/e... | 5.5 - MEDIUM | 2018-12-17 | 2023-11-07 |
| CVE-2018-19974 json | In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/ex... | 5.5 - MEDIUM | 2018-12-17 | 2023-11-07 |
| CVE-2018-12035 json | In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_... | 7.8 - HIGH | 2018-06-15 | 2018-08-01 |
| CVE-2018-12034 json | In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_e... | 7.8 - HIGH | 2018-06-15 | 2018-08-01 |
| CVE-2018-10408 json | An issue was discovered in VirusTotal. A maliciously crafted Universal/fat binary can evade third-party code signing checks. ... | 7.8 - HIGH | 2018-06-13 | 2019-10-03 |
| CVE-2017-11328 json | Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by ... | Not Provided | 2017-07-17 | 2025-04-20 |
| CVE-2017-9465 json | The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and app... | 7.1 - HIGH | 2017-06-06 | 2019-10-03 |
| CVE-2017-9438 json | libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via ... | 7.5 - HIGH | 2017-06-05 | 2023-11-07 |
| CVE-2017-9304 json | libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via ... | Not Provided | 2017-05-31 | 2025-04-20 |
| CVE-2017-8929 json | The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-a... | Not Provided | 2017-05-14 | 2025-04-20 |
| CVE-2017-8294 json | libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read an... | Not Provided | 2017-04-27 | 2025-04-20 |
| CVE-2017-5924 json | libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) v... | Not Provided | 2017-04-03 | 2025-04-20 |
| CVE-2017-5923 json | libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and appli... | Not Provided | 2017-04-03 | 2025-04-20 |
| CVE-2016-10211 json | libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) v... | Not Provided | 2017-04-03 | 2025-04-20 |
Known software with vulnerabilities from Virustotal
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Virustotal | Virustotal | - |
| Application | Virustotal | Yara | 1.7.1 |