Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1304
Stack-based buffer overflow in the ELF header parsing code in file prior to 4.12 allows malicious users to execute arbitrary code via a crafted ELF file.
File File 4.7
File File 4.5
File File 4.4
File File 4.1
File File 4.10
File File 4.2
File File 4.9
File File 4.6
File File 4.3
File File 4.8
File File 4.0
File File 4.11
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Secure Linux 2.2
Gentoo Linux
1 EDB exploit
NA
CVE-2003-0102
Buffer overflow in tryelf() in readelf.c of the file command allows malicious users to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
File File 3.33
File File 3.28
File File 3.35
File File 3.30
File File 3.36
File File 3.39
File File 3.40
File File 3.32
File File 3.34
File File 3.37
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.5.2
2 EDB exploits
NA
CVE-2014-9621
The ELF parser in file 5.16 up to and including 5.21 allows remote malicious users to cause a denial of service via a long string.
File Project File 5.21
File Project File 5.19
File Project File 5.17
File Project File 5.18
File Project File 5.16
File Project File 5.20
NA
CVE-2008-1564
Directory traversal vulnerability in Dan Costin File Transfer prior to 1.2f allows remote malicious users to read arbitrary files via a "..\" (dot dot backslash) in the filename.
File-transfer File Transfer 1.2d
File-transfer File Transfer 1.2c
File-transfer File Transfer 1.2e
File-transfer File Transfer 1.2b
1 EDB exploit
NA
CVE-2014-2558
The File Gallery plugin prior to 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting fields to /wp-admin/options-media.php, related to the create_function function.
Skyphe File-gallery 1.7
Skyphe File-gallery 1.5.6
Skyphe File-gallery 1.7.4.1
Skyphe File-gallery 1.5.8
Skyphe File-gallery 1.7.5
Skyphe File-gallery 1.7.4
Skyphe File-gallery 1.6.5
Skyphe File-gallery
Skyphe File-gallery 1.5
Skyphe File-gallery 1.7.8
Skyphe File-gallery 1.5.4
Skyphe File-gallery 1.7.6
Skyphe File-gallery 1.4
Skyphe File-gallery 1.5.1
Skyphe File-gallery 1.6.5.2
Skyphe File-gallery 1.6.4
Skyphe File-gallery 1.6.5.5
Skyphe File-gallery 1.2
Skyphe File-gallery 1.6.5.3
Skyphe File-gallery 1.5.3
Skyphe File-gallery 1.5.7
Skyphe File-gallery 1.3
NA
CVE-2009-3930
Multiple integer overflows in Christos Zoulas file prior to 5.02 allow user-assisted remote malicious users to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.
Christos Zoulas File 5.00
Christos Zoulas File 4.19
Christos Zoulas File 4.08
Christos Zoulas File 3.32
Christos Zoulas File 4.04
Christos Zoulas File 3.41
Christos Zoulas File 4.26
Christos Zoulas File 4.02
Christos Zoulas File 4.17
Christos Zoulas File 4.11
Christos Zoulas File 3.34
Christos Zoulas File 3.38
Christos Zoulas File 3.39
Christos Zoulas File 4.03
Christos Zoulas File 4.06
Christos Zoulas File 4.20
Christos Zoulas File 4.09
Christos Zoulas File 3.37
Christos Zoulas File 4.14
Christos Zoulas File 4.13
Christos Zoulas File 3.40
Christos Zoulas File 4.23
5.4
CVSSv3
CVE-2019-5458
Cross-site scripting (XSS) vulnerability in http-file-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.
Http-file-server Project Http-file-server 0.1.0
Http-file-server Project Http-file-server 0.2.0
Http-file-server Project Http-file-server 0.2.1
Http-file-server Project Http-file-server 0.2.2
Http-file-server Project Http-file-server 0.2.3
Http-file-server Project Http-file-server 0.2.4
Http-file-server Project Http-file-server 0.2.5
Http-file-server Project Http-file-server 0.2.6
7.5
CVSSv3
CVE-2018-3724
general-file-server node module suffers from a Path Traversal vulnerability due to lack of validation of currpath, which allows a malicious user to read content of any file with known path.
General-file-server Project General-file-server 1.1.8
General-file-server Project General-file-server 1.1.7
General-file-server Project General-file-server 1.1.6
General-file-server Project General-file-server 1.1.5
General-file-server Project General-file-server 1.1.4
General-file-server Project General-file-server 1.1.3
General-file-server Project General-file-server 1.1.2
General-file-server Project General-file-server 1.0.0
8.8
CVSSv3
CVE-2018-17095
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
Audio File Library Project Audio File Library 0.3.6
Audio File Library Project Audio File Library 0.3.5
Audio File Library Project Audio File Library 0.3.4
Audio File Library Project Audio File Library 0.3.3
Audio File Library Project Audio File Library 0.3.2
Audio File Library Project Audio File Library 0.3.1
Audio File Library Project Audio File Library 0.3.0
Canonical Ubuntu Linux 14.04
NA
CVE-2009-4815
Directory traversal vulnerability in Serv-U prior to 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors.
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 3.1.0.0
Solarwinds Serv-u File Server 3.1.0.1
Solarwinds Serv-u File Server 3.1.0.3
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.1.0.3
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 5.0.0.9
Solarwinds Serv-u File Server 5.0.0.11
Solarwinds Serv-u File Server 5.1.0.0
Solarwinds Serv-u File Server 5.2.0.0
Solarwinds Serv-u File Server 5.2.0.1
Solarwinds Serv-u File Server 6.0.0.0
Solarwinds Serv-u File Server 6.0.0.1
Solarwinds Serv-u File Server 6.0.0.2
Solarwinds Serv-u File Server 6.1.0.0
Solarwinds Serv-u File Server 6.1.0.1
Solarwinds Serv-u File Server 6.1.0.4
Solarwinds Serv-u File Server 6.1.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »