Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.10 vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2020-11669
An issue exists in the Linux kernel prior to 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Opensuse Leap 15.1
685
VMScore
CVE-2013-4885
The http-domino-enum-passwords.nse script in NMap prior to 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
Nmap Nmap 3.27
Nmap Nmap 3.40
Nmap Nmap 3.30
Nmap Nmap 3.98
Nmap Nmap 2.51
Nmap Nmap 2.12
Nmap Nmap 4.85
Nmap Nmap 4.22
Nmap Nmap 2.52
Nmap Nmap 5.59
Nmap Nmap 5.51
Nmap Nmap 3.10
Nmap Nmap 5.00
Nmap Nmap 2.3
Nmap Nmap 2.54
Nmap Nmap 4.20
Nmap Nmap 4.10
Nmap Nmap 3.94
Nmap Nmap 5.10
Nmap Nmap 3.91
Nmap Nmap 4.49
Nmap Nmap 2.2
1 EDB exploit
940
VMScore
CVE-2009-0812
Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and previous versions versions allows remote malicious users to execute arbitrary code via a crafted Intel Hex Code (.hex) file. NOTE: some of these details are obtained from third par...
Bpsoft Hex Workshop 2.01
Bpsoft Hex Workshop 3.02
Bpsoft Hex Workshop 4.21
Bpsoft Hex Workshop 2.20
Bpsoft Hex Workshop 4.10
Bpsoft Hex Workshop 4.00
Bpsoft Hex Workshop 1.0
Bpsoft Hex Workshop 2.53
Bpsoft Hex Workshop 4.22
Bpsoft Hex Workshop 5.1.4
Bpsoft Hex Workshop 2.50
Bpsoft Hex Workshop 3.00
Bpsoft Hex Workshop
Bpsoft Hex Workshop 2.54
Bpsoft Hex Workshop 4.20
Bpsoft Hex Workshop 2.10
Bpsoft Hex Workshop 3.11
Bpsoft Hex Workshop 5.0
Bpsoft Hex Workshop 3.10
Bpsoft Hex Workshop 2.00
Bpsoft Hex Workshop 5.1.3
Bpsoft Hex Workshop 4.23
2 EDB exploits
392
VMScore
CVE-2010-2024
transports/appendfile.c in Exim prior to 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 4.24
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.51
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.43
Exim Exim 4.22
Exim Exim 4.40
Exim Exim 4.52
Exim Exim 4.60
Exim Exim 4.61
Exim Exim 4.68
Exim Exim 4.54
Exim Exim 4.23
Exim Exim 4.62
Exim Exim 4.32
Exim Exim 4.42
392
VMScore
CVE-2010-2023
transports/appendfile.c in Exim prior to 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user...
Exim Exim 4.70
Exim Exim 4.69
Exim Exim 4.66
Exim Exim 4.10
Exim Exim 4.24
Exim Exim 4.30
Exim Exim 4.21
Exim Exim 4.51
Exim Exim 4.67
Exim Exim 4.63
Exim Exim 4.43
Exim Exim 4.22
Exim Exim 4.40
Exim Exim 4.52
Exim Exim 4.60
Exim Exim 4.61
Exim Exim 4.68
Exim Exim 4.54
Exim Exim 4.23
Exim Exim 4.62
Exim Exim 4.32
Exim Exim 4.42
329
VMScore
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompressio...
Gnu Gzip 1.3.3
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Freebsd Freebsd 4.3
Redhat Enterprise Linux 2.1
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.6
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
Redhat Enterprise Linux 4.0
Trustix Secure Linux 2.0
Redhat Enterprise Linux Desktop 3.0
Freebsd Freebsd 5.1
Ubuntu Ubuntu Linux 4.1
Redhat Linux Advanced Workstation 2.1
Freebsd Freebsd 4.4
Redhat Enterprise Linux 3.0
Freebsd Freebsd 4.8
Turbolinux Turbolinux Appliance Server 1.0 Workgroup
Freebsd Freebsd 4.7
Freebsd Freebsd 5.2.1
Freebsd Freebsd 5.0
169
VMScore
CVE-2018-10472
An issue exists in Xen up to and including 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
Xen Xen
Debian Debian Linux 9.0
383
VMScore
CVE-2021-25277
FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative text hover box in the file submission component.
Ftapi Ftapi
356
VMScore
CVE-2019-11519
Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce up to and including 4.10 allows XXE via the "Configurations -> Languages -> Edit Language -> Import Resources -> Upload XML file" screen.
Nopcommerce Nopcommerce
NA
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows malicious users to download arbitrary files via a crafted POST request.
Pentasecurity Wapples V6.0.r3.4.10
Pentasecurity Wapples
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »