Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2004-1304
Stack-based buffer overflow in the ELF header parsing code in file prior to 4.12 allows malicious users to execute arbitrary code via a crafted ELF file.
File File 4.3
File File 4.4
File File 4.1
File File 4.10
File File 4.7
File File 4.8
File File 4.11
File File 4.2
File File 4.9
File File 4.0
File File 4.5
File File 4.6
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Gentoo Linux
Trustix Secure Linux 2.2
1 EDB exploit
4.6
CVSSv2
CVE-2003-0102
Buffer overflow in tryelf() in readelf.c of the file command allows malicious users to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
File File 3.30
File File 3.32
File File 3.28
File File 3.37
File File 3.39
File File 3.40
File File 3.33
File File 3.34
File File 3.35
File File 3.36
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.5.2
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
2 EDB exploits
5
CVSSv2
CVE-2014-9621
The ELF parser in file 5.16 up to and including 5.21 allows remote malicious users to cause a denial of service via a long string.
File Project File 5.20
File Project File 5.21
File Project File 5.16
File Project File 5.17
File Project File 5.18
File Project File 5.19
4.3
CVSSv2
CVE-2008-1564
Directory traversal vulnerability in Dan Costin File Transfer prior to 1.2f allows remote malicious users to read arbitrary files via a "..\" (dot dot backslash) in the filename.
File-transfer File Transfer 1.2e
File-transfer File Transfer 1.2b
File-transfer File Transfer 1.2c
File-transfer File Transfer 1.2d
1 EDB exploit
6.5
CVSSv2
CVE-2014-2558
The File Gallery plugin prior to 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting fields to /wp-admin/options-media.php, related to the create_function function.
Skyphe File-gallery 1.7.2
Skyphe File-gallery 1.7.1
Skyphe File-gallery 1.7
Skyphe File-gallery 1.6.5.5
Skyphe File-gallery 1.6.6
Skyphe File-gallery 1.6.5.4
Skyphe File-gallery 1.6.5.3
Skyphe File-gallery 1.5.7
Skyphe File-gallery 1.5.6
Skyphe File-gallery 1.5.5
Skyphe File-gallery 1.5.4
Skyphe File-gallery 1.7.5.3
Skyphe File-gallery 1.7.5.1
Skyphe File-gallery 1.7.5
Skyphe File-gallery 1.6.3
Skyphe File-gallery 1.6.2
Skyphe File-gallery 1.6.0.1
Skyphe File-gallery 1.6
Skyphe File-gallery 1.5
Skyphe File-gallery
Skyphe File-gallery 1.7.7
Skyphe File-gallery 1.7.4.1
9.3
CVSSv2
CVE-2009-3930
Multiple integer overflows in Christos Zoulas file prior to 5.02 allow user-assisted remote malicious users to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.
Christos Zoulas File 5.00
Christos Zoulas File 4.26
Christos Zoulas File 4.17
Christos Zoulas File 4.16
Christos Zoulas File 4.15
Christos Zoulas File 4.07
Christos Zoulas File 4.06
Christos Zoulas File 3.39
Christos Zoulas File 3.38
Christos Zoulas File
Christos Zoulas File 4.23
Christos Zoulas File 4.21
Christos Zoulas File 4.12
Christos Zoulas File 4.11
Christos Zoulas File 4.02
Christos Zoulas File 4.01
Christos Zoulas File 3.34
Christos Zoulas File 3.33
Christos Zoulas File 4.20
Christos Zoulas File 4.19
Christos Zoulas File 4.09
Christos Zoulas File 4.08
5
CVSSv2
CVE-2018-3724
general-file-server node module suffers from a Path Traversal vulnerability due to lack of validation of currpath, which allows a malicious user to read content of any file with known path.
General-file-server Project General-file-server 1.1.6
General-file-server Project General-file-server 1.1.4
General-file-server Project General-file-server 1.1.2
General-file-server Project General-file-server 1.0.0
General-file-server Project General-file-server 1.1.8
General-file-server Project General-file-server 1.1.7
General-file-server Project General-file-server 1.1.5
General-file-server Project General-file-server 1.1.3
3.5
CVSSv2
CVE-2019-5458
Cross-site scripting (XSS) vulnerability in http-file-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.
Http-file-server Project Http-file-server 0.1.0
Http-file-server Project Http-file-server 0.2.0
Http-file-server Project Http-file-server 0.2.1
Http-file-server Project Http-file-server 0.2.2
Http-file-server Project Http-file-server 0.2.3
Http-file-server Project Http-file-server 0.2.4
Http-file-server Project Http-file-server 0.2.5
Http-file-server Project Http-file-server 0.2.6
6.8
CVSSv2
CVE-2018-17095
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
Audio File Library Project Audio File Library 0.3.0
Audio File Library Project Audio File Library 0.3.1
Audio File Library Project Audio File Library 0.3.2
Audio File Library Project Audio File Library 0.3.3
Audio File Library Project Audio File Library 0.3.4
Audio File Library Project Audio File Library 0.3.5
Audio File Library Project Audio File Library 0.3.6
Canonical Ubuntu Linux 14.04
4
CVSSv2
CVE-2009-4815
Directory traversal vulnerability in Serv-U prior to 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors.
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 9.1.0.2
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 8.1.0.3
Solarwinds Serv-u File Server 8.1.0.1
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 6.4.0.0
Solarwinds Serv-u File Server 6.3.0.1
Solarwinds Serv-u File Server 6.1.0.0
Solarwinds Serv-u File Server 6.0.0.2
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.2.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 9.0.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »