Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.8 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-0285
The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by sniffing the network and then...
Openssl Openssl 1.0.2
4.3
CVSSv2
CVE-2012-6093
The QSslSocket::sslErrors function in Qt prior to 4.6.5, 4.7.x prior to 4.7.6, 4.8.x prior to 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect erro...
Qt Qt 4.6.0
Qt Qt 4.6.3
Qt Qt 4.6.4
Qt Qt 4.6.1
Qt Qt 4.6.2
Qt Qt
Qt Qt 4.7.2
Qt Qt 4.7.3
Qt Qt 4.7.0
Qt Qt 4.7.1
Qt Qt 4.7.5
Qt Qt 4.7.4
Qt Qt 4.7.6
Qt Qt 4.8.2
Qt Qt 4.8.3
Qt Qt 4.8.0
Qt Qt 4.8.1
Qt Qt 4.8.4
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 11.4
4.3
CVSSv2
CVE-2012-2143
The crypt_des (aka DES-based crypt) function in FreeBSD prior to 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent malicious user...
Postgresql Postgresql
Freebsd Freebsd 5.2.1
Freebsd Freebsd 7.4
Freebsd Freebsd 6.1
Freebsd Freebsd 3.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 2.2.5
Freebsd Freebsd 5.5
Freebsd Freebsd 8.2
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
Freebsd Freebsd 2.2.2
Freebsd Freebsd 2.1.7
Freebsd Freebsd 4.11
Freebsd Freebsd 2.0.5
Freebsd Freebsd 8.0
Freebsd Freebsd 1.1.5.1
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 7.0
Freebsd Freebsd
4
CVSSv2
CVE-2019-10195
A flaw was found in IPA, all 4.6.x versions prior to 4.6.7, all 4.7.x versions prior to 4.7.4 and all 4.8.x versions prior to 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch...
Freeipa Freeipa
Fedoraproject Fedora 30
Fedoraproject Fedora 31
2 Github repositories
3.7
CVSSv2
CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and previous versions, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompressio...
Gnu Gzip 1.2.4
Gnu Gzip 1.2.4a
Gnu Gzip 1.3.3
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.11
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.6
Freebsd Freebsd 4.7
Freebsd Freebsd 4.9
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 3.0
Turbolinux Turbolinux Appliance Server 1.0 Hosting
Turbolinux Turbolinux Appliance Server 1.0 Workgroup
Ubuntu Ubuntu Linux 4.1
Freebsd Freebsd 4.0
Freebsd Freebsd 4.10
Freebsd Freebsd 4.3
Freebsd Freebsd 4.8
3.6
CVSSv2
CVE-2017-5551
The simple_set_acl function in fs/posix_acl.c in the Linux kernel prior to 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on ex...
Linux Linux Kernel
3.6
CVSSv2
CVE-2015-6927
vzctl prior to 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for arbitrary ploop containers, as demonstrated by ...
Openvz Vzctl
3.6
CVSSv2
CVE-2013-0254
The QSharedMemory class in Qt 5.0.0, 4.8.x prior to 4.8.5, 4.7.x prior to 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical prog...
Qt Qt 1.41
Qt Qt 1.44
Qt Qt 1.45
Qt Qt 1.42
Qt Qt 1.43
Qt Qt 2.0.0
Qt Qt 2.0.1
Qt Qt 2.0.2
Qt Qt 3.3.4
Qt Qt 3.3.5
Qt Qt 3.3.6
Qt Qt 3.3.2
Qt Qt 3.3.3
Qt Qt 3.3.0
Qt Qt 3.3.1
Qt Qt 4.1.2
Qt Qt 4.1.3
Qt Qt 4.1.4
Qt Qt 4.1.5
Qt Qt 4.1.0
Qt Qt 4.1.1
Qt Qt 4.0.0
3.5
CVSSv2
CVE-2012-0814
The auth_parse_options function in auth-options.c in sshd in OpenSSH prior to 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by ...
Openbsd Openssh 5.4
Openbsd Openssh 2
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 5.5
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh 5.3
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.8
Openbsd Openssh 4.9
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
1 Github repository
2.6
CVSSv2
CVE-2019-2786
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with networ...
Oracle Jdk 11.0.3
Oracle Jdk 12.0.1
Oracle Jre 11.0.3
Oracle Jre 12.0.1
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Hp Xp7 Command View
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Satellite 5.8
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »