Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.2 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2024-23659
SPIP prior to 4.1.14 and 4.2.x prior to 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js.
Spip Spip
7.3
CVSSv3
CVE-2023-7104
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recom...
Sqlite Sqlite
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.3
CVSSv3
CVE-2023-5678
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications...
Openssl Openssl
1 Github repository
5.5
CVSSv3
CVE-2023-22644
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged. This issue affects SUSE Manager Server Module 4.2: prior to 4.2....
Suse Manager Server
6.5
CVSSv3
CVE-2023-39615
Xmlsoft Libxml2 v2.11.0 exists to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the p...
Xmlsoft Libxml2 2.11.0
5.3
CVSSv3
CVE-2023-3817
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2j
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2f
Openssl Openssl 1.0.2i
Openssl Openssl 1.0.2d
Openssl Openssl 1.0.2k
Openssl Openssl 1.0.2l
Openssl Openssl 1.0.2m
Openssl Openssl 1.0.2zb
Openssl Openssl 1.0.2n
Openssl Openssl 1.0.2o
Openssl Openssl 1.0.2p
Openssl Openssl 1.0.2q
Openssl Openssl 1.0.2r
Openssl Openssl 1.0.2s
Openssl Openssl 1.0.2t
1 Github repository
5.3
CVSSv3
CVE-2023-3446
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that...
Openssl Openssl 1.0.2
Openssl Openssl 1.1.1
Openssl Openssl 3.0.0
Openssl Openssl 3.1.1
Openssl Openssl 3.1.0
9.8
CVSSv3
CVE-2023-31047
In Django 3.2 prior to 3.2.19, 4.x prior to 4.1.9, and 4.2 prior to 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file wa...
Djangoproject Django 4.2
Djangoproject Django
Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2023-30090
Semcms Shop v4.2 exists to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows malicious users to execute arbitrary code via uploading a crafted PHP file.
Sem-cms Semcms 4.2
7.2
CVSSv3
CVE-2023-1328
A vulnerability was found in Guizhou 115cms 4.2. It has been classified as problematic. Affected is an unknown function of the file /admin/content/index. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to...
115cms 115cms 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »