file file 4.8 vulnerabilities and exploits
5
CVSSv2
CVE-2015-6940
The GetResource servlet in Pentaho Business Analytics (BA) Suite 4.5.x, 4.8.x, and 5.0.x up to and including 5.2.x and Pentaho Data Integration (PDI) Suite 4.3.x, 4.4.x, and 5.0.x up to and including 5.2.x does not restrict access to files in the pentaho-solutions/system folder, ...
Pentaho Data Integration 4.3
Pentaho Data Integration 5.1
Pentaho Data Integration 5.2
Pentaho Data Integration 4.4
Pentaho Data Integration 5.0
Pentaho Business Analytics 4.8
Pentaho Business Analytics 5.0
Pentaho Business Analytics 4.5
Pentaho Business Analytics 5.1
Pentaho Business Analytics 5.2
5
CVSSv2
CVE-2015-0207
The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a does not properly isolate the state information of independent data streams, which allows remote malicious users to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DT...
Openssl Openssl 1.0.2
5
CVSSv2
CVE-2015-0290
The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 prior to 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote malicious users to cause a denial of service (pointer cor...
Openssl Openssl 1.0.2
5
CVSSv2
CVE-2015-0291
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Openssl Openssl 1.0.2
3 Github repositories
2 Articles
5
CVSSv2
CVE-2009-4809
Directory traversal vulnerability in thumbnail.ghp in Easy File Sharing (EFS) Web Server 4.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in the vfolder parameter.
Sharing-file Easy File Sharing Web Server 4.8
5
CVSSv2
CVE-2002-0874
Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote malicious users to read arbitrary files.
Redhat Interchange 4.8.5
Redhat Interchange 4.8.1
Redhat Interchange 4.8.2
Redhat Interchange 4.8.3
Redhat Interchange 4.8.4
1 EDB exploit
5
CVSSv2
CVE-2002-0591
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and previous versions allows remote malicious users to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.
Aol Instant Messenger 4.1
Aol Instant Messenger 4.6
Aol Instant Messenger 4.8 Beta
Aol Instant Messenger 4.2
Aol Instant Messenger 4.3
Aol Instant Messenger 4.4
Aol Instant Messenger 4.5
Aol Instant Messenger 4.0
Aol Instant Messenger 4.7
1 EDB exploit
4.9
CVSSv2
CVE-2020-8834
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can caus...
Linux Linux Kernel -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
4.9
CVSSv2
CVE-2019-9213
In the Linux kernel prior to 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for malicious users to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
Linux Linux Kernel
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
1 EDB exploit
3 Github repositories
4.9
CVSSv2
CVE-2017-2671
The ping_unhash function in net/ipv4/ping.c in the Linux kernel up to and including 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging a...
Linux Linux Kernel
1 EDB exploit
1 Github repository