Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project file vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-7747
Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote malicious users to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-ste...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Fedoraproject Fedora 23
Canonical Ubuntu Linux 15.04
Audio File Library Project Audio File Library
4.4
CVSSv3
CVE-2019-8905
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
Debian Debian Linux 8.0
File Project File 5.35
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 15.0
Opensuse Leap 42.3
6.5
CVSSv3
CVE-2018-10360
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
File Project File 5.33
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Opensuse Leap 42.3
Opensuse Leap 15.0
4.4
CVSSv3
CVE-2019-8906
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
File Project File 5.35
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 42.3
Opensuse Leap 15.0
Apple Mac Os X
Apple Iphone Os
Apple Watchos
Apple Tvos
NA
CVE-2007-4921
PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote malicious users to execute arbitrary PHP code via a URL in the approot parameter.
Ajax File Browser 3 Beta
1 EDB exploit
5.9
CVSSv3
CVE-2017-6512
Race condition in the rmtree and remove_tree functions in the File-Path module prior to 2.13 for Perl allows malicious users to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
File Path Project
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2019-18218
cdf_read_property_info in cdf.c in file up to and including 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
File Project File
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Netapp Active Iq Unified Manager
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
NA
CVE-2013-7345
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file prior to 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via a crafted ASCII file that t...
Christos Zoulas File
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
8.6
CVSSv3
CVE-2016-6368
A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition due to the Snort process unexpectedly resta...
Cisco Firepower Management Center 6.0.0.0
Cisco Firepower Management Center 6.0.1
Cisco Firepower Management Center 6.0.0
Cisco Firepower Management Center 6.0.0.1
NA
CVE-2012-1037
PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 up to and including 0.80.61 allows remote authenticated users to execute arbitrary PHP code via a URL in the sub_type parameter.
Glpi-project Glpi 0.80.5
Glpi-project Glpi 0.80.6
Glpi-project Glpi 0.80.2
Glpi-project Glpi 0.78.2
Glpi-project Glpi 0.80.3
Glpi-project Glpi 0.78.3
Glpi-project Glpi 0.78.4
Glpi-project Glpi 0.78.1
Glpi-project Glpi 0.80.61
Glpi-project Glpi 0.80.1
Glpi-project Glpi 0.78.5
Glpi-project Glpi 0.80
Glpi-project Glpi 0.80.4
Glpi-project Glpi 0.78
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »