VYPR

Hivex

by Debian

Source repositories

CVEs (3)

  • CVE-2021-3504MedMay 11, 2021
    risk 0.35cvss 5.4epss 0.02

    A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or…

  • CVE-2021-3622MedDec 23, 2021
    risk 0.00cvss 4.3epss 0.05

    A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to…

  • CVE-2014-9273Dec 8, 2014
    risk 0.00cvss epss 0.01

    lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.