Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.4 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2001-0203
Watchguard Firebox II firewall allows users with read-only access to gain read-write access, and administrative privileges, by accessing a file that contains hashed passphrases, and using the hashes during authentication.
Watchguard Firebox Ii 4.1
Watchguard Firebox Ii 4.2
Watchguard Firebox Ii 4.3
Watchguard Firebox Ii 4.0
Watchguard Firebox Ii 4.4
Watchguard Firebox Ii 4.5
7.2
CVSSv2
CVE-2002-0572
FreeBSD 4.5 and previous versions, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called set...
Freebsd Freebsd 4.5
Openbsd Openbsd 2.0
Openbsd Openbsd 2.2
Sun Sunos -
Sun Solaris 7.0
Openbsd Openbsd 2.3
Sun Sunos 5.5.1
Sun Solaris 2.5.1
Sun Solaris 2.6
Freebsd Freebsd 4.4
Sun Solaris 8.0
Openbsd Openbsd 2.1
Sun Sunos 5.7
Sun Sunos 5.8
1 EDB exploit
7.5
CVSSv2
CVE-2002-0206
index.php in Francisco Burzi PHP-Nuke 5.3.1 and previous versions, and possibly other versions prior to 5.5, allows remote malicious users to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.
Francisco Burzi Php-nuke 1.0
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 4.3
Francisco Burzi Php-nuke 4.4
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 4.4.1a
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 2.5
Francisco Burzi Php-nuke 3.0
Francisco Burzi Php-nuke 4.0
Francisco Burzi Php-nuke 5.2
Francisco Burzi Php-nuke 5.2a
1 EDB exploit
7.1
CVSSv2
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
1 EDB exploit
7.5
CVSSv2
CVE-2004-2373
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 up to and including 5.5 is created in a predictable location, which may allow remote malicious users to use a shell: URI to exploit other vulnerabilities that involve predictable locations.
Aol Instant Messenger 4.8.2616
Aol Instant Messenger 4.8.2646
Aol Instant Messenger 4.7
Aol Instant Messenger 4.7.2480
Aol Instant Messenger 5.5
Aol Instant Messenger 5.5.3415 Beta
Aol Instant Messenger 4.4
Aol Instant Messenger 4.5
Aol Instant Messenger 4.6
Aol Instant Messenger 5.1.3036
Aol Instant Messenger 5.2.3292
Aol Instant Messenger 4.3
Aol Instant Messenger 4.3.2229
Aol Instant Messenger 4.8.2790
Aol Instant Messenger 5.0.2938
1 EDB exploit
10
CVSSv2
CVE-2001-0961
Buffer overflow in tab expansion capability of the most program allows local or remote malicious users to execute arbitrary code via a malformed file that is viewed with most.
John E. Davis Most 4.5
John E. Davis Most 4.6
John E. Davis Most 4.7
John E. Davis Most 4.9.0
John E. Davis Most 4.9.1
John E. Davis Most 4.4
John E. Davis Most 4.41
9.3
CVSSv2
CVE-2016-3861
LibUtils in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, 6.x prior to 2016-09-01, and 7.0 prior to 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote malicious users to execute arbit...
Google Android 7.0
Google Android 4.1.2
Google Android 4.2
Google Android 4.4.2
Google Android 4.4.3
Google Android 5.0
Google Android 4.0.2
Google Android 4.0.3
Google Android 4.3
Google Android 4.3.1
Google Android 6.0
Google Android 6.0.1
Google Android 4.0.4
Google Android 4.1
Google Android 4.4
Google Android 4.4.1
Google Android 5.1.0
Google Android 4.0
Google Android 4.0.1
Google Android 4.2.1
Google Android 4.2.2
Google Android 5.0.1
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2007-4752
ssh in OpenSSH prior to 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows malicious users to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Openbsd Openssh 4.3p2
Openbsd Openssh 4.3p1
Openbsd Openssh 4.0
Openbsd Openssh 4.3
Openbsd Openssh 4.2p1
Openbsd Openssh 4.4p1
Openbsd Openssh 4.4
Openbsd Openssh 4.1
Openbsd Openssh 4.0p1
Openbsd Openssh
Openbsd Openssh 4.5
Openbsd Openssh 4.2
Openbsd Openssh 4.1p1
5
CVSSv2
CVE-2015-6940
The GetResource servlet in Pentaho Business Analytics (BA) Suite 4.5.x, 4.8.x, and 5.0.x up to and including 5.2.x and Pentaho Data Integration (PDI) Suite 4.3.x, 4.4.x, and 5.0.x up to and including 5.2.x does not restrict access to files in the pentaho-solutions/system folder, ...
Pentaho Data Integration 4.3
Pentaho Data Integration 5.1
Pentaho Data Integration 5.2
Pentaho Data Integration 4.4
Pentaho Data Integration 5.0
Pentaho Business Analytics 4.8
Pentaho Business Analytics 5.0
Pentaho Business Analytics 4.5
Pentaho Business Analytics 5.1
Pentaho Business Analytics 5.2
7.1
CVSSv2
CVE-2016-3818
libc in Android 4.x prior to 4.4.4 allows remote malicious users to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 28740702.
Google Android 4.4.2
Google Android 4.4
Google Android 4.2
Google Android 4.1
Google Android 4.4.3
Google Android 4.4.1
Google Android 4.1.2
Google Android 4.0.4
Google Android 4.3.1
Google Android 4.3
Google Android 4.2.2
Google Android 4.2.1
Google Android 4.0.3
Google Android 4.0.2
Google Android 4.0.1
Google Android 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »