Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project file vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-8899
There is a buffer overwrite vulnerability in the Quram qmg library of Samsung's Android OS versions O(8.x), P(9.0) and Q(10.0). An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Qur...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
1 Github repository
10
CVSSv2
CVE-2015-1006
A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versions prior to R9.4c, and OptoDataLink versi...
Opto22 Optodatalink
Opto22 Optoopcserver
Opto22 Pac Display
Opto22 Pac Project
10
CVSSv2
CVE-2019-10269
BWA (aka Burrow-Wheeler Aligner) prior to 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.
Burrow-wheeler Aligner Project Burrow-wheeler Aligner
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
10
CVSSv2
CVE-2017-16926
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.
Ohcount Project Ohcount 3.0.0
10
CVSSv2
CVE-2017-1000169
QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB.
Quickerbb Project Quickerbb
10
CVSSv2
CVE-2015-9059
picocom prior to 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely.
Picocom Project Picocom
10
CVSSv2
CVE-2014-8731
PHPMemcachedAdmin 1.2.2 and previous versions allows remote malicious users to execute arbitrary PHP code via vectors related "serialized data and the last part of the concatenated filename," which creates a file in webroot.
Phpmemcachedadmin Project Phpmemcachedadmin
1 Github repository
10
CVSSv2
CVE-2016-7407
The dropbearconvert command in Dropbear SSH prior to 2016.74 allows malicious users to execute arbitrary code via a crafted OpenSSH key file.
Dropbear Ssh Project Dropbear Ssh
10
CVSSv2
CVE-2016-3955
The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel prior to 4.5.3 allows remote malicious users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
Debian Debian Linux 8.0
1 Github repository
10
CVSSv2
CVE-2015-0857
Cool Projects TarDiff allows remote malicious users to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file.
Tardiff Project Tardiff -
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »