Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.7 vulnerabilities and exploits
(subscribe to this query)
515
VMScore
CVE-2006-2743
Drupal 4.6.x prior to 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote malicious users to upload, modify, or execute arbitrary files in the files directory.
Drupal Drupal 4.6.3
Drupal Drupal 4.6.4
Drupal Drupal 4.6.1
Drupal Drupal 4.6.2
Drupal Drupal 4.6.5
Drupal Drupal 4.6.6
Drupal Drupal 4.7.0
Drupal Drupal 4.6
Drupal Drupal 4.6.0
1 EDB exploit
605
VMScore
CVE-2020-1147
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Microsoft .net Core 2.1
Microsoft .net Core 3.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Server 2019
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
1 Article
668
VMScore
CVE-2005-0764
Buffer overflow in command.C for rxvt-unicode prior to 5.3 allows remote malicious users to execute arbitrary code via a crafted file containing long escape sequences.
Marc Lehmann Rxvt-unicode 3.7
Marc Lehmann Rxvt-unicode 3.9
Marc Lehmann Rxvt-unicode 4.6
Marc Lehmann Rxvt-unicode 4.8
Marc Lehmann Rxvt-unicode 3.4
Marc Lehmann Rxvt-unicode 3.5
Marc Lehmann Rxvt-unicode 4.9
Marc Lehmann Rxvt-unicode 5.0
Marc Lehmann Rxvt-unicode 5.1
Marc Lehmann Rxvt-unicode 5.2
Marc Lehmann Rxvt-unicode 4.0
Marc Lehmann Rxvt-unicode 4.1
Marc Lehmann Rxvt-unicode 4.2
Marc Lehmann Rxvt-unicode 4.3
Marc Lehmann Rxvt-unicode 4.4
Marc Lehmann Rxvt-unicode 3.6
Marc Lehmann Rxvt-unicode 3.8
Marc Lehmann Rxvt-unicode 4.5
Marc Lehmann Rxvt-unicode 4.7
1000
VMScore
CVE-2004-1289
Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote malicious users to execute arbitrary code via a crafted calendar file.
Pcal Pcal 4.6.0
Pcal Pcal 4.7.0
Pcal Pcal 4.7.1
Pcal Pcal 4.1.0
Pcal Pcal 4.3.0
Pcal Pcal 4.5.0
2 EDB exploits
668
VMScore
CVE-2002-0592
AOL Instant Messenger (AIM) allows remote malicious users to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.
Aol Instant Messenger 3.0.1415
Aol Instant Messenger 3.0.1470
Aol Instant Messenger 4.1
Aol Instant Messenger 4.1.2010
Aol Instant Messenger 2.0.912
Aol Instant Messenger 3.0 N
Aol Instant Messenger 3.5.1635
Aol Instant Messenger 4.2
Aol Instant Messenger 4.2.1193
Aol Instant Messenger 4.7.2480
Aol Instant Messenger 4.8.2616
Aol Instant Messenger 4.8.2646
Aol Instant Messenger 4.6
Aol Instant Messenger 4.7
Aol Instant Messenger 2.5.1366
Aol Instant Messenger 2.5.1598
Aol Instant Messenger 3.5.1856
Aol Instant Messenger 4.0
Aol Instant Messenger 4.4
Aol Instant Messenger 4.5
Aol Instant Messenger 2.0.996
Aol Instant Messenger 2.0 N
329
VMScore
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompressio...
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.3
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.11
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.6
Freebsd Freebsd 4.7
Freebsd Freebsd 4.9
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Turbolinux Turbolinux Appliance Server 1.0 Hosting
Turbolinux Turbolinux Appliance Server 1.0 Workgroup
Ubuntu Ubuntu Linux 4.1
Freebsd Freebsd 4.0
Freebsd Freebsd 4.10
Freebsd Freebsd 4.3
Freebsd Freebsd 4.8
445
VMScore
CVE-2017-16892
In Bftpd prior to 4.7, there is a memory leak in the file rename function.
Bftpd Project Bftpd
445
VMScore
CVE-2018-1350
The NetIQ Identity Manager driver log file, in versions before 4.7, provides details that could aid in system enumeration.
Netiq Identity Manager
445
VMScore
CVE-2018-1349
The NetIQ Identity Manager driver log file, in versions before 4.7, provides details that could aid in system or configuration enumeration.
Netiq Identity Manager
668
VMScore
CVE-2021-28132
LUCY Security Awareness Software up to and including 4.7.x allows unauthenticated remote code execution because the Migration Tool (in the Support section) allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI.
Lucysecurity Security Awareness
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »