Vulnerabilities > Sleuthkit > THE Sleuth KIT > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-03-09 CVE-2020-10232 Out-of-bounds Write vulnerability in multiple products
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.
network
low complexity
sleuthkit debian fedoraproject CWE-787
critical
 9.8
9.8
2020-03-09 CVE-2020-10233 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c.
network
low complexity
sleuthkit CWE-125
critical
 9.1
9.1
2019-08-02 CVE-2019-14532 Off-by-one Error vulnerability in multiple products
An issue was discovered in The Sleuth Kit (TSK) 4.6.6.
network
low complexity
sleuthkit fedoraproject CWE-193
critical
 9.8
9.8