Vulnerabilities > Sleuthkit
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-24 | CVE-2022-45639 | OS Command Injection vulnerability in Sleuthkit the Sleuth KIT 4.11.1 OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. | 7.8 |
2020-03-09 | CVE-2020-10233 | Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c. | 9.1 |
2020-03-09 | CVE-2020-10232 | Out-of-bounds Write vulnerability in multiple products In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c. | 9.8 |
2019-08-02 | CVE-2019-14532 | Off-by-one Error vulnerability in multiple products An issue was discovered in The Sleuth Kit (TSK) 4.6.6. | 9.8 |
2019-08-02 | CVE-2019-14531 | Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT 4.6.6 An issue was discovered in The Sleuth Kit (TSK) 4.6.6. | 7.5 |
2019-07-18 | CVE-2019-1010065 | Integer Overflow or Wraparound vulnerability in multiple products The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. | 6.5 |
2018-12-20 | CVE-2018-1000838 | XXE vulnerability in Sleuthkit Autopsy autopsy version <= 4.9.0 contains a XML External Entity (XXE) vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. | 7.5 |
2018-11-29 | CVE-2018-19497 | Out-of-bounds Read vulnerability in multiple products In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c). | 6.5 |
2018-06-05 | CVE-2018-11740 | Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. | 5.8 |
2018-06-05 | CVE-2018-11739 | Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. | 5.8 |