Vulnerabilities > Sleuthkit

DATE CVE VULNERABILITY TITLE RISK
2020-03-09 CVE-2020-10233 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c.
network
low complexity
sleuthkit CWE-125
6.4
2020-03-09 CVE-2020-10232 Out-of-bounds Write vulnerability in Sleuthkit the Sleuth KIT
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.
network
low complexity
sleuthkit CWE-787
7.5
2019-08-02 CVE-2019-14532 Off-by-one Error vulnerability in multiple products
An issue was discovered in The Sleuth Kit (TSK) 4.6.6.
network
low complexity
sleuthkit fedoraproject CWE-193
7.5
2019-08-02 CVE-2019-14531 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT 4.6.6
An issue was discovered in The Sleuth Kit (TSK) 4.6.6.
network
low complexity
sleuthkit CWE-125
7.5
2019-07-18 CVE-2019-1010065 Integer Overflow or Wraparound vulnerability in Sleuthkit the Sleuth KIT
The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow.
network
sleuthkit CWE-190
4.3
2018-12-20 CVE-2018-1000838 XXE vulnerability in Sleuthkit Autopsy
autopsy version <= 4.9.0 contains a XML External Entity (XXE) vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.
network
low complexity
sleuthkit CWE-611
7.5
2018-11-29 CVE-2018-19497 Out-of-bounds Read vulnerability in multiple products
In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c).
4.3
2018-06-05 CVE-2018-11740 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1.
network
sleuthkit CWE-125
5.8
2018-06-05 CVE-2018-11739 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1.
network
sleuthkit CWE-125
5.8
2018-06-05 CVE-2018-11738 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1.
network
sleuthkit CWE-125
5.8