Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.10 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2005-4889
lib/fsm.c in RPM prior to 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file, a related issu...
Rpm Rpm 1.4.5
Rpm Rpm 1.4.6
Rpm Rpm 2.0.2
Rpm Rpm 2.0.3
Rpm Rpm 2.0.4
Rpm Rpm 2.2.1
Rpm Rpm 2.2.2
Rpm Rpm 2.2.9
Rpm Rpm 2.2.11
Rpm Rpm 2.3.1
Rpm Rpm 2.3.2
Rpm Rpm 2.3.9
Rpm Rpm 2.2.3.10
Rpm Rpm 2.4.6
Rpm Rpm 1.4.2
Rpm Rpm 1.4.2\\/a
Rpm Rpm 1.3.1
Rpm Rpm 1.2
Rpm Rpm 2.0.7
Rpm Rpm 2.0.8
Rpm Rpm 2.2.5
Rpm Rpm 2.2.6
7.2
CVSSv2
CVE-2010-2198
lib/fsm.c in RPM 4.8.0 and previous versions does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended ...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2\\/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
6.9
CVSSv2
CVE-2011-0017
The open_log function in log.c in Exim 4.72 and previous versions does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
Exim Exim 4.43
Exim Exim 4.34
Exim Exim 4.61
Exim Exim 4.60
Exim Exim 4.42
Exim Exim 4.65
Exim Exim 4.32
Exim Exim 4.20
Exim Exim 4.02
Exim Exim 4.01
Exim Exim 3.30
Exim Exim 3.22
Exim Exim 3.12
Exim Exim 3.11
Exim Exim 2.11
Exim Exim 2.10
Exim Exim 4.69
Exim Exim 4.50
Exim Exim 4.44
Exim Exim 4.63
Exim Exim 4.62
Exim Exim 4.21
7.2
CVSSv2
CVE-2010-2199
lib/fsm.c in RPM 4.8.0 and previous versions does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions...
Rpm Rpm 1.4.3
Rpm Rpm 1.4.4
Rpm Rpm 2.0
Rpm Rpm 2.0.1
Rpm Rpm 1.4.5
Rpm Rpm 1.4.6
Rpm Rpm 2.0.2
Rpm Rpm 2.0.3
Rpm Rpm 2.2.1
Rpm Rpm 2.2.2
Rpm Rpm 2.2.9
Rpm Rpm 2.2.11
Rpm Rpm 2.3
Rpm Rpm 2.3.1
Rpm Rpm 2.3.9
Rpm Rpm 2.2.3.10
Rpm Rpm 2.4.6
Rpm Rpm 2.6.7
Rpm Rpm 2.5.2
Rpm Rpm 2.5.3
Rpm Rpm 3.0.4
Rpm Rpm 3.0.5
7.2
CVSSv2
CVE-2010-2059
lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM prior to 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link t...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2\\/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
6.8
CVSSv2
CVE-2012-5904
Heap-based buffer overflow in IrfanView prior to 4.33 allows remote malicious users to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.
Irfanview Irfanview 4.28
Irfanview Irfanview 4.27
Irfanview Irfanview 3.98
Irfanview Irfanview 3.97
Irfanview Irfanview 3.75
Irfanview Irfanview 3.70
Irfanview Irfanview 3.30
Irfanview Irfanview 3.25
Irfanview Irfanview 3.07
Irfanview Irfanview 3.05
Irfanview Irfanview 2.90
Irfanview Irfanview 2.85
Irfanview Irfanview 2.60
Irfanview Irfanview 2.55
Irfanview Irfanview 2.30
Irfanview Irfanview 2.27
Irfanview Irfanview 2.12
Irfanview Irfanview 2.10
Irfanview Irfanview 2.07
Irfanview Irfanview 1.95
Irfanview Irfanview 1.90
Irfanview Irfanview
7.2
CVSSv2
CVE-2019-13272
In the Linux kernel prior to 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process rela...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Real Time 8
Netapp Aff A700s Firmware -
Netapp H410c Firmware -
Netapp H610s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Service Processor -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Performance Analyzer -
Netapp Hci Compute Node -
Netapp E-series Santricity Os Controller
3 EDB exploits
17 Github repositories
5.1
CVSSv2
CVE-2005-0399
Heap-based buffer overflow in GIF2.cpp in Firefox prior to 1.0.2, Mozilla before to 1.7.6, and Thunderbird prior to 1.0.2, and possibly other applications that use the same library, allows remote malicious users to execute arbitrary code via a GIF image with a crafted Netscape ex...
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.4
Mozilla Mozilla 1.5
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.7
Mozilla Mozilla 1.7.1
Mozilla Thunderbird 0.7.1
Mozilla Thunderbird 0.7.2
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Firefox 1.0.1
Mozilla Mozilla 1.3
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7.5
Mozilla Thunderbird 0.3
Mozilla Thunderbird 0.4
Mozilla Thunderbird 0.9
Mozilla Thunderbird 1.0
Mozilla Firefox 0.10
Mozilla Firefox 0.9
Mozilla Firefox 1.0
6.8
CVSSv2
CVE-2012-0897
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns prior to 4.33 allows remote malicious users to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
Irfanview Irfanview 2.32
Irfanview Irfanview 2.30
Irfanview Irfanview 2.62
Irfanview Irfanview 2.60
Irfanview Irfanview 2.35
Irfanview Irfanview 2.83
Irfanview Irfanview 2.66
Irfanview Irfanview 2.68
Irfanview Irfanview 2.95
Irfanview Irfanview
Irfanview Irfanview 2.22
Irfanview Irfanview 2.20
Irfanview Irfanview 2.50
Irfanview Irfanview 2.40
Irfanview Irfanview 2.80
Irfanview Irfanview 3.99
Irfanview Irfanview 3.02
Irfanview Irfanview 3.05
Irfanview Irfanview 1.90
Irfanview Irfanview 1.95
Irfanview Irfanview 2.10
Irfanview Irfanview 2.12
1 EDB exploit
5
CVSSv2
CVE-2010-1509
IrfanView prior to 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-...
Irfanview Irfanview
Irfanview Irfanview 4.23
Irfanview Irfanview 3.97
Irfanview Irfanview 3.95
Irfanview Irfanview 3.61
Irfanview Irfanview 3.60
Irfanview Irfanview 3.25
Irfanview Irfanview 3.21
Irfanview Irfanview 3.05
Irfanview Irfanview 3.02
Irfanview Irfanview 2.83
Irfanview Irfanview 2.82
Irfanview Irfanview 2.60
Irfanview Irfanview 2.55
Irfanview Irfanview 2.30
Irfanview Irfanview 2.27
Irfanview Irfanview 2.10
Irfanview Irfanview 2.07
Irfanview Irfanview 1.95
Irfanview Irfanview 1.90
Irfanview Irfanview 4.22
Irfanview Irfanview 4.20
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »