Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.5 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2005-3927
Multiple directory traversal vulnerabilities in GuppY 4.5.9 and previous versions allow remote malicious users to read and include arbitrary files via (1) the meskin parameter to admin/editorTypetool.php, or the lng parameter to the in admin/inc scripts (2) archbatch.php, (3) dbb...
Guppy Guppy 4.5.3a
Guppy Guppy 4.5.4
Guppy Guppy 4.5.9
Guppy Guppy 4.5
Guppy Guppy 4.5.3
4 EDB exploits
5.8
CVSSv2
CVE-2021-41072
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs ...
Squashfs-tools Project Squashfs-tools 4.5
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.8
CVSSv2
CVE-2021-40153
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing...
Squashfs-tools Project Squashfs-tools 4.5
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
5.8
CVSSv2
CVE-2017-12150
It was found that samba prior to 4.4.16, 4.5.x prior to 4.5.14, and 4.6.x prior to 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
Samba Samba
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Gluster Storage 3.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.8
CVSSv2
CVE-2013-6174
Multiple open redirect vulnerabilities in xAdmin in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote malici...
Emc Document Sciences Xpression 4.5
Emc Document Sciences Xpression 4.2
Emc Document Sciences Xpression 4.1
5.1
CVSSv2
CVE-2006-2864
Multiple PHP remote file inclusion vulnerabilities in BlueShoes Framework 4.6 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) APP[path][applications] parameter to (a) Bs_Faq.class.php, (2) APP[path][core] parameter to (b) fileBrowserInner.php, (c) ...
Blueshoes Blueshoes Framework 4.5
Blueshoes Blueshoes Framework
1 EDB exploit
5.1
CVSSv2
CVE-2006-1610
PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and previous versions, as used in products such as Autonomous LAN party (ALP), allows remote malicious users to execute arbitrary PHP code via a URL in the libpath parameter. NOTE: this only occurs when reg...
Squery Squery
1 EDB exploit
5.1
CVSSv2
CVE-2005-0035
The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and previous versions, when used with Internet Explorer, allows remote malicious users to determine the existence of arbitrary files via the LoadFile ActiveX method.
Adobe Acrobat Reader 6.0.3
Adobe Acrobat Reader 7.0
Adobe Acrobat Reader 6.0
Adobe Acrobat Reader 6.0.1
Adobe Acrobat Reader 6.0.2
Adobe Acrobat Reader 5.0.5
Adobe Acrobat Reader 5.1
Adobe Acrobat Reader 4.5
Adobe Acrobat Reader 5.0
5
CVSSv2
CVE-2015-4646
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote malicious users to cause a denial of service (application crash) via a crafted input.
Squashfs Project Squashfs
5
CVSSv2
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.1t
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »