Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.1 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-2335
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote malicious users to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7-zip 7-zip 9.20
7-zip 7-zip 15.05
1 Github repository
8.4
CVSSv3
CVE-2016-2463
Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-06-01 allow remote malicious users to execute arbitrary code or cause a denial of service (memory ...
Google Android 5.1.0
Google Android 5.0.1
Google Android 4.4
Google Android 4.3
Google Android 4.2.1
Google Android 4.0.3
Google Android 4.0.1
Google Android 5.0
Google Android 4.4.3
Google Android 4.4.2
Google Android 4.4.1
Google Android 6.0.1
Google Android 4.2
Google Android 4.1.2
Google Android 4.1
Google Android 4.0.4
Google Android 6.0
Google Android 5.1
Google Android 4.3.1
Google Android 4.2.2
Google Android 4.0.2
Google Android 4.0
8.4
CVSSv3
CVE-2016-0848
Race condition in Download Manager in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-04-01 allows malicious users to bypass private-storage file-access restrictions via a crafted application that changes a symlink target, as demonstr...
Google Android 4.4.3
Google Android 4.4.2
Google Android 4.4.1
Google Android 4.4
Google Android 4.3.1
Google Android 5.1
Google Android 5.0
Google Android 4.2.2
Google Android 4.2
Google Android 4.0.2
Google Android 4.0
Google Android 6.0.1
Google Android 6.0
Google Android 4.1.2
Google Android 4.1
Google Android 4.0.4
Google Android 4.0.3
Google Android 5.1.0
Google Android 5.0.1
Google Android 4.3
Google Android 4.2.1
Google Android 4.0.1
8.1
CVSSv3
CVE-2023-41915
OpenPMIx PMIx prior to 4.2.6 and 5.0.x prior to 5.0.1 allows malicious users to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.
Openpmix Openpmix
Openpmix Openpmix 5.0.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 12.0
8.1
CVSSv3
CVE-2018-11758
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModel...
Apache Cayenne 3.1.2
Apache Cayenne 3.1.1
Apache Cayenne
Apache Cayenne 4.0
Apache Cayenne 3.2
Apache Cayenne 4.1
8.1
CVSSv3
CVE-2010-2943
The xfs implementation in the Linux kernel prior to 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but wer...
Linux Linux Kernel
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
Vmware Esx 4.1
Vmware Esx 4.0
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Communication Manager 5.2
Avaya Aura System Platform 1.1
Avaya Aura System Platform 6.0
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.1.1
Avaya Aura Session Manager 1.1
Avaya Aura Session Manager 5.2
Avaya Aura Session Manager 6.0
Avaya Aura Presence Services 6.1
Avaya Aura Presence Services 6.1.1
Avaya Aura Presence Services 6.0
Avaya Iq 5.1
Avaya Iq 5.0
1 EDB exploit
8
CVSSv3
CVE-2013-6234
Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI prior to 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, a...
Eng Spagobi
1 EDB exploit
7.8
CVSSv3
CVE-2023-29491
ncurses prior to 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
Gnu Ncurses
7.8
CVSSv3
CVE-2022-48339
An issue exists in GNU Emacs up to and including 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name cont...
Gnu Emacs
7.8
CVSSv3
CVE-2022-27239
In cifs-utils up to and including 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Samba Cifs-utils
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise Server 11
Suse Openstack Cloud 8.0
Suse Linux Enterprise Server 15
Suse Linux Enterprise Software Development Kit 12
Suse Openstack Cloud Crowbar 8.0
Suse Openstack Cloud Crowbar 9.0
Suse Openstack Cloud 9.0
Suse Linux Enterprise Server 12
Suse Manager Server 4.1
Suse Linux Enterprise Desktop 15
Suse Enterprise Storage 7.0
Suse Caas Platform 4.0
Suse Enterprise Storage 6.0
Suse Manager Proxy 4.1
Suse Linux Enterprise High Performance Computing 12.0
Suse Linux Enterprise High Performance Computing 15.0
Suse Linux Enterprise Real Time 15.0
Suse Linux Enterprise Point Of Service 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »