Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file download tracker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2622
Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows before 104.0.5112.79 allowed a remote malicious user to bypass download restrictions via a crafted file.
Google Chrome
Fedoraproject Fedora 37
NA
CVE-2022-2618
Insufficient validation of untrusted input in Internals in Google Chrome before 104.0.5112.79 allowed a remote malicious user to bypass download restrictions via a malicious file .
Google Chrome
Fedoraproject Fedora 37
NA
CVE-2023-0131
Inappropriate implementation in in iframe Sandbox in Google Chrome before 109.0.5414.74 allowed a remote malicious user to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2022-36359
An issue exists in the HTTP FileResponse class in Django 3.2 prior to 3.2.15 and 4.0 prior to 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied i...
Djangoproject Django
Debian Debian Linux 11.0
6.5
CVSSv2
CVE-2021-29472
Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow code to be executed in the HgDriver if hg/Mercurial is installed on the system. ...
Getcomposer Composer
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
8.5
CVSSv2
CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Resilient Storage 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Gluster Storage 3.0
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Openstack 13
1 Github repository
5.8
CVSSv2
CVE-2020-15677
By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerabi...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
NA
CVE-2022-26386
Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior wa...
Mozilla Firefox Esr
Mozilla Thunderbird
6.8
CVSSv2
CVE-2020-15969
Use after free in WebRTC in Google Chrome before 86.0.4240.75 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Backports Sle 15.0
Apple Ipados
Apple Safari
Apple Watchos
Apple Macos
Apple Tvos
Apple Iphone Os
4.3
CVSSv2
CVE-2020-15676
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »