Vulmon
file file 4.2 vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-31047
In Django 3.2 prior to 3.2.19, 4.x prior to 4.1.9, and 4.2 prior to 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file wa...
Djangoproject Django 4.2
Djangoproject Django
Fedoraproject Fedora 38
9.8
CVSSv3
CVE-2023-30090
Semcms Shop v4.2 contains an arbitrary file upload vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows malicious users to execute arbitrary code by uploading a crafted PHP file.
Sem-cms Semcms 4.2
9.8
CVSSv3
CVE-2021-21972
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Se...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
46 Github repositories
2 Articles
9.8
CVSSv3
CVE-2019-0259
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows a malicious user to upload any file (including script files) without proper file format validation.
Sap Businessobjects 4.2
Sap Businessobjects 4.3
9.8
CVSSv3
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp 4.2.8
Ntp Ntp
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
9.8
CVSSv3
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allow remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp 4.2.8
Ntp Ntp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
9.8
CVSSv3
CVE-2016-3819
Integer overflow in codecs/on2/h264dec/source/h264bsd_dpb.c in libstagefright in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-08-01 allows remote malicious users to execute arbitrary code or cause a denial of service...
Google Android 5.1.0
Google Android 4.2
Google Android 4.1
Google Android 6.0.1
Google Android 6.0
Google Android 4.0.2
Google Android 4.4.3
Google Android 4.0.4
Google Android 4.3
Google Android 4.0.1
Google Android 4.2.1
Google Android 5.0.1
Google Android 5.0
Google Android 4.0.3
Google Android 4.0
Google Android 4.4
Google Android 4.4.1
Google Android 4.2.2
Google Android 4.3.1
Google Android 4.4.2
Google Android 5.1
Google Android 4.1.2
9.8
CVSSv3
CVE-2016-3821
libmedia in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-08-01 has certain incorrect declarations, which allows remote malicious users to execute arbitrary code or cause a denial of service (NULL pointer dereference ...
Google Android 5.1.0
Google Android 4.2
Google Android 4.1
Google Android 6.0.1
Google Android 6.0
Google Android 4.0.2
Google Android 4.4.3
Google Android 4.0.4
Google Android 4.3
Google Android 4.0.1
Google Android 4.2.1
Google Android 5.0.1
Google Android 5.0
Google Android 4.0.3
Google Android 4.0
Google Android 4.4
Google Android 4.4.1
Google Android 4.2.2
Google Android 4.3.1
Google Android 4.4.2
Google Android 5.1
Google Android 4.1.2
9.8
CVSSv3
CVE-2016-2506
DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-07-01 does not validate a certain offset value, which allows remote malicious users to execute arbitrary code or cause a denial of se...
Google Android 5.1.0
Google Android 4.2
Google Android 4.1
Google Android 6.0.1
Google Android 6.0
Google Android 4.0.2
Google Android 4.4.3
Google Android 4.0.4
Google Android 4.3
Google Android 4.0.1
Google Android 4.2.1
Google Android 5.0.1
Google Android 5.0
Google Android 4.0.3
Google Android 4.0
Google Android 4.4
Google Android 4.4.1
Google Android 4.2.2
Google Android 4.3.1
Google Android 4.4.2
Google Android 5.1
Google Android 4.1.2
9.8
CVSSv3
CVE-2016-2428
libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-05-01 does not properly limit the number of threads, which allows remote malicious users to execute arbitrary code or cause a denial of ser...
Google Android 5.1.0
Google Android 4.2
Google Android 4.1
Google Android 6.0.1
Google Android 6.0
Google Android 4.0.2
Google Android 4.4.3
Google Android 4.0.4
Google Android 4.3
Google Android 4.0.1
Google Android 4.2.1
Google Android 5.0.1
Google Android 5.0
Google Android 4.0.3
Google Android 4.0
Google Android 4.4
Google Android 4.4.1
Google Android 4.2.2
Google Android 4.3.1
Google Android 4.4.2
Google Android 5.1
Google Android 4.1.2