Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-11339
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 prior to 4.0.4 and 4.1 prior to 4.1.2 allows remote malicious users to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
Ffmpeg Ffmpeg
8.8
CVSSv3
CVE-2014-2664
Unrestricted file upload vulnerability in the ProfileController::actionUploadPhoto method in protected/controllers/ProfileController.php in X2Engine X2CRM prior to 4.0 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then a...
X2engine X2crm
8.8
CVSSv3
CVE-2017-9324
In Open Ticket Request System (OTRS) 3.3.x up to and including 3.3.16, 4.x up to and including 4.0.23, and 5.x up to and including 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterwar...
Otrs Otrs
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2011-3191
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel prior to 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read reque...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
8.6
CVSSv3
CVE-2024-21626
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and previous versions, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working director...
Linuxfoundation Runc
Fedoraproject Fedora 39
22 Github repositories
1 Article
8.6
CVSSv3
CVE-2019-1599
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network s...
Cisco Nx-os
8.4
CVSSv3
CVE-2016-2463
Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-06-01 allow remote malicious users to execute arbitrary code or cause a denial of service (memory ...
Google Android 5.1.0
Google Android 5.0.1
Google Android 4.4
Google Android 4.3
Google Android 4.2.1
Google Android 4.0.3
Google Android 4.0.1
Google Android 5.0
Google Android 4.4.3
Google Android 4.4.2
Google Android 4.4.1
Google Android 6.0.1
Google Android 4.2
Google Android 4.1.2
Google Android 4.1
Google Android 4.0.4
Google Android 6.0
Google Android 5.1
Google Android 4.3.1
Google Android 4.2.2
Google Android 4.0.2
Google Android 4.0
8.4
CVSSv3
CVE-2016-0848
Race condition in Download Manager in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-04-01 allows malicious users to bypass private-storage file-access restrictions via a crafted application that changes a symlink target, as demonstr...
Google Android 4.4.3
Google Android 4.4.2
Google Android 4.4.1
Google Android 4.4
Google Android 4.3.1
Google Android 5.1
Google Android 5.0
Google Android 4.2.2
Google Android 4.2
Google Android 4.0.2
Google Android 4.0
Google Android 6.0.1
Google Android 6.0
Google Android 4.1.2
Google Android 4.1
Google Android 4.0.4
Google Android 4.0.3
Google Android 5.1.0
Google Android 5.0.1
Google Android 4.3
Google Android 4.2.1
Google Android 4.0.1
8.2
CVSSv3
CVE-2021-44224
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server ...
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Tenable Tenable.sc
Oracle Http Server 12.2.1.3.0
Oracle Communications Operations Monitor 4.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server -
Oracle Http Server 12.2.1.4.0
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Apple Macos
Apple Mac Os X 10.15.7
8.1
CVSSv3
CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Resilient Storage 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Gluster Storage 3.0
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Openstack 13
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »