Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.4 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2003-0278
Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote malicious users to insert arbitrary web script via the file parameter.
Happycgi.com Happymall 4.3
Happycgi.com Happymall 4.4
1 EDB exploit
7.5
CVSSv2
CVE-2003-0243
Happycgi.com Happymall 4.3 and 4.4 allows remote malicious users to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
Happycgi Happymall 4.4
Happycgi Happymall 4.3
2 EDB exploits
10
CVSSv2
CVE-2015-8073
mediaserver in Android 4.4 and 5.1 prior to 5.1.1 LMY48X allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 14388161, a different vulnerability than CVE-2015-6608 and CVE-2015-8072.
Google Android 5.1
Google Android 4.4
10
CVSSv2
CVE-2015-8072
mediaserver in Android 4.4 up to and including 5.x prior to 5.1.1 LMY48X and 6.0 prior to 2015-11-01 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23881715, a different vulnerabi...
Google Android 4.4
Google Android 5.1
6.5
CVSSv2
CVE-2008-1657
OpenSSH 4.4 up to versions prior to 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.
Openbsd Openssh 4.4
Openbsd Openssh 4.4p1
Openbsd Openssh 4.5
Openbsd Openssh 4.6
Openbsd Openssh 4.7
Openbsd Openssh 4.8
1 Github repository
6.8
CVSSv2
CVE-2021-44652
Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component.
Zohocorp Manageengine O365 Manager Plus
Zohocorp Manageengine O365 Manager Plus 4.4
NA
CVE-2023-28937
DataSpider Servista version 4.4 and previous versions uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is em...
Saison Dataspider Servista
Saison Dataspider Servista 4.3
Saison Dataspider Servista 4.4
4.9
CVSSv2
CVE-2015-7515
The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel prior to 4.4 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints.
Linux Linux Kernel
Linux Linux Kernel 4.4
1 EDB exploit
7.5
CVSSv2
CVE-2006-4828
PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 up to and including 4.6 allows remote malicious users to execute arbitrary PHP code via a URL in the PP_PATH parameter.
Photopost Photopost Php Pro 4.0
Photopost Photopost Php Pro 4.1
Photopost Photopost Php Pro 4.2
Photopost Photopost Php Pro 4.3
Photopost Photopost Php Pro 4.6
Photopost Photopost Php Pro 4.4
Photopost Photopost Php Pro 4.5
1 EDB exploit
4.9
CVSSv2
CVE-2015-8785
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel prior to 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.
Linux Linux Kernel
Linux Linux Kernel 4.4
Suse Linux Enterprise Real Time Extension 12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »