Vulmon
file-type project file-type vulnerabilities and exploits
VMScore: 446
CVE-2013-7345
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file prior to 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via a crafted ASCII file that t...
Christos Zoulas File
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
VMScore: 610
CVE-2014-1610
MediaWiki 1.22.x prior to 1.22.2, 1.21.x prior to 1.21.5, and 1.19.x prior to 1.19.11, when DjVu or PDF file upload support is enabled, allows remote malicious users to execute arbitrary commands via shell metacharacters in (1) the page parameter to includes/media/DjVu.php; (2) t...
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.21.4
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.21.3
Mediawiki Mediawiki 1.19.10
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.8
Mediawiki Mediawiki 1.22.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.9
Mediawiki Mediawiki 1.22.0
2 EDB exploits
VMScore: 383
CVE-2013-4567
Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki prior to 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3 allows remote malicious users to conduct cross-site scripting (XSS) attacks via a \b (backspace) character in CSS.
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.20.7
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21.2
VMScore: 383
CVE-2013-4568
Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki prior to 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3 allows remote malicious users to conduct cross-site scripting (XSS) attacks via certain non-ASCII characters in CSS, as demonstrated using va...
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.20.6
Mediawiki Mediawiki 1.20.5
Mediawiki Mediawiki 1.20.2
Mediawiki Mediawiki 1.20.1
Mediawiki Mediawiki 1.20.7
Mediawiki Mediawiki 1.20
Mediawiki Mediawiki 1.21
Mediawiki Mediawiki 1.21.1
Mediawiki Mediawiki 1.21.2
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.2
Mediawiki Mediawiki 1.19.7
Mediawiki Mediawiki 1.19.6
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19.5
Mediawiki Mediawiki 1.19.4
VMScore: 383
CVE-2013-2031
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome an...
Gentoo Linux
Mediawiki Mediawiki
Mediawiki Mediawiki 1.19.4
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.17.3
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.16.1
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.2
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.13.2
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.12.1
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.20.4
Mediawiki Mediawiki 1.20.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.18
VMScore: 445
CVE-2013-2032
MediaWiki prior to 1.19.6 and 1.20.x prior to 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote malicious users to bypass the intended restrictions of an extension that only implem...
Mediawiki Mediawiki 1.19.3
Mediawiki Mediawiki 1.19.1
Mediawiki Mediawiki 1.18.3
Mediawiki Mediawiki 1.18.1
Mediawiki Mediawiki 1.18.0
Mediawiki Mediawiki 1.17.2
Mediawiki Mediawiki 1.17.0
Mediawiki Mediawiki 1.16.0
Mediawiki Mediawiki 1.15.1
Mediawiki Mediawiki 1.15.0
Mediawiki Mediawiki 1.14.0
Mediawiki Mediawiki 1.13.1
Mediawiki Mediawiki 1.13.0
Mediawiki Mediawiki 1.12.0
Mediawiki Mediawiki 1.11.1
Mediawiki Mediawiki 1.10.3
Mediawiki Mediawiki 1.10.1
Mediawiki Mediawiki 1.10.0
Mediawiki Mediawiki 1.19.0
Mediawiki Mediawiki 1.19
Mediawiki Mediawiki 1.17
Mediawiki Mediawiki 1.16.2
VMScore: 890
CVE-2009-2281
Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x up to and including 4.10.4 and 5.x prior to 5.4.2 allow remote malicious users to execute arbitrary code via (1) a crafted Content-Length HTTP header or (2) a large HTTP re...
Osgeo Mapserver 4.8.0
Osgeo Mapserver 4.6.0
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 5.4.0
Osgeo Mapserver 4.10.1
Osgeo Mapserver 4.10.0
Osgeo Mapserver 4.4.0
Osgeo Mapserver 4.2.0
Umn Mapserver 4.0
Osgeo Mapserver 5.4.1
Osgeo Mapserver 4.10.2
Osgeo Mapserver 4.10.4
Osgeo Mapserver 4.10.3
VMScore: 694
CVE-2009-0843
The msLoadQuery function in mapserv in MapServer 4.x prior to 4.10.4 and 5.x prior to 5.2.2 allows remote malicious users to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether thi...
Osgeo Mapserver 4.10.0
Osgeo Mapserver 4.8.0
Osgeo Mapserver 4.6.0
Umn Mapserver 4.0
Osgeo Mapserver 4.10.2
Osgeo Mapserver 4.10.3
Osgeo Mapserver 4.4.0
Osgeo Mapserver 5.2.1
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 4.10.1
Osgeo Mapserver 4.2.0
VMScore: 890
CVE-2009-0839
Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x prior to 4.10.4 and 5.x prior to 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote malicious users to execute arbitrary code via a crafted id parameter in a query action.
Osgeo Mapserver 4.10.3
Osgeo Mapserver 4.10.1
Osgeo Mapserver 4.8.0
Osgeo Mapserver 4.4.0
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 4.10.0
Osgeo Mapserver 4.6.0
Osgeo Mapserver 4.2.0
Umn Mapserver 4.0
Osgeo Mapserver 4.10.2
Osgeo Mapserver 5.2.1
VMScore: 890
CVE-2009-0840
Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x prior to 4.10.4 and 5.x prior to 5.2.2 allows remote malicious users to have an unknown impact via a negative value in the Content-Length HTTP header.
Osgeo Mapserver 4.10.0
Osgeo Mapserver 4.6.0
Osgeo Mapserver 4.4.0
Osgeo Mapserver 4.2.0
Osgeo Mapserver 5.2.0
Osgeo Mapserver 5.0.0
Osgeo Mapserver 4.8.0
Umn Mapserver 4.0
Osgeo Mapserver 4.10.2
Osgeo Mapserver 5.2.1
Osgeo Mapserver 4.10.3
Osgeo Mapserver 4.10.1