Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2743
Drupal 4.6.x prior to 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote malicious users to upload, modify, or execute arbitrary files in the files directory.
Drupal Drupal 4.6.3
Drupal Drupal 4.6.4
Drupal Drupal 4.6.1
Drupal Drupal 4.6.2
Drupal Drupal 4.6.5
Drupal Drupal 4.6.6
Drupal Drupal 4.7.0
Drupal Drupal 4.6
Drupal Drupal 4.6.0
1 EDB exploit
7.8
CVSSv3
CVE-2020-1147
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Microsoft .net Core 2.1
Microsoft .net Core 3.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Server 2019
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
1 Article
NA
CVE-2005-0764
Buffer overflow in command.C for rxvt-unicode prior to 5.3 allows remote malicious users to execute arbitrary code via a crafted file containing long escape sequences.
Marc Lehmann Rxvt-unicode 3.7
Marc Lehmann Rxvt-unicode 3.9
Marc Lehmann Rxvt-unicode 4.6
Marc Lehmann Rxvt-unicode 4.8
Marc Lehmann Rxvt-unicode 3.4
Marc Lehmann Rxvt-unicode 3.5
Marc Lehmann Rxvt-unicode 4.9
Marc Lehmann Rxvt-unicode 5.0
Marc Lehmann Rxvt-unicode 5.1
Marc Lehmann Rxvt-unicode 5.2
Marc Lehmann Rxvt-unicode 4.0
Marc Lehmann Rxvt-unicode 4.1
Marc Lehmann Rxvt-unicode 4.2
Marc Lehmann Rxvt-unicode 4.3
Marc Lehmann Rxvt-unicode 4.4
Marc Lehmann Rxvt-unicode 3.6
Marc Lehmann Rxvt-unicode 3.8
Marc Lehmann Rxvt-unicode 4.5
Marc Lehmann Rxvt-unicode 4.7
NA
CVE-2004-1289
Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote malicious users to execute arbitrary code via a crafted calendar file.
Pcal Pcal 4.6.0
Pcal Pcal 4.7.0
Pcal Pcal 4.7.1
Pcal Pcal 4.1.0
Pcal Pcal 4.3.0
Pcal Pcal 4.5.0
2 EDB exploits
NA
CVE-2002-0592
AOL Instant Messenger (AIM) allows remote malicious users to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.
Aol Instant Messenger 3.0.1415
Aol Instant Messenger 3.0.1470
Aol Instant Messenger 4.1
Aol Instant Messenger 4.1.2010
Aol Instant Messenger 2.0.912
Aol Instant Messenger 3.0 N
Aol Instant Messenger 3.5.1635
Aol Instant Messenger 4.2
Aol Instant Messenger 4.2.1193
Aol Instant Messenger 4.7.2480
Aol Instant Messenger 4.8.2616
Aol Instant Messenger 4.8.2646
Aol Instant Messenger 4.6
Aol Instant Messenger 4.7
Aol Instant Messenger 2.5.1366
Aol Instant Messenger 2.5.1598
Aol Instant Messenger 3.5.1856
Aol Instant Messenger 4.0
Aol Instant Messenger 4.4
Aol Instant Messenger 4.5
Aol Instant Messenger 2.0.996
Aol Instant Messenger 2.0 N
NA
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompressio...
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.3
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.11
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.6
Freebsd Freebsd 4.7
Freebsd Freebsd 4.9
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Turbolinux Turbolinux Appliance Server 1.0 Hosting
Turbolinux Turbolinux Appliance Server 1.0 Workgroup
Ubuntu Ubuntu Linux 4.1
Freebsd Freebsd 4.0
Freebsd Freebsd 4.10
Freebsd Freebsd 4.3
Freebsd Freebsd 4.8
7.5
CVSSv3
CVE-2017-16892
In Bftpd prior to 4.7, there is a memory leak in the file rename function.
Bftpd Project Bftpd
5.3
CVSSv3
CVE-2018-1350
The NetIQ Identity Manager driver log file, in versions before 4.7, provides details that could aid in system enumeration.
Netiq Identity Manager
5.3
CVSSv3
CVE-2018-1349
The NetIQ Identity Manager driver log file, in versions before 4.7, provides details that could aid in system or configuration enumeration.
Netiq Identity Manager
9.8
CVSSv3
CVE-2021-28132
LUCY Security Awareness Software up to and including 4.7.x allows unauthenticated remote code execution because the Migration Tool (in the Support section) allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI.
Lucysecurity Security Awareness
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »