Vulnerabilities > Virustotal > Yara > 3.5.0

DATE CVE VULNERABILITY TITLE RISK
2017-04-03 CVE-2016-10211 Use After Free vulnerability in Virustotal Yara 3.5.0
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.
network
low complexity
virustotal CWE-416
5.0
5.0
2017-04-03 CVE-2016-10210 NULL Pointer Dereference vulnerability in Virustotal Yara 3.5.0
libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.
network
low complexity
virustotal CWE-476
5.0
5.0