Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4764
The Simple File Downloader WordPress plugin up to and including 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stor...
Simple File Downloader Project Simple File Downloader
4.3
CVSSv2
CVE-2019-8345
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the...
Estrongs Es File Explorer File Manager 4.1.9.7.4
4.3
CVSSv2
CVE-2020-23706
A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_subsequent_scan() ok_jpg.c:1102 of ok-file-formats through 2020-06-26 allows malicious users to cause a Denial of Service (DOS) via a crafted jpeg file.
Ok-file-formats Project Ok-file-formats
4.3
CVSSv2
CVE-2020-23707
A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows malicious users to cause a Denial of Service (DOS) via a crafted jpeg file.
Ok-file-formats Project Ok-file-formats
6.8
CVSSv2
CVE-2021-32263
ok-file-formats through 2021-04-29 has a heap-based buffer overflow in the ok_csv_circular_buffer_read function in ok_csv.c.
Ok-file-formats Project Ok-file-formats
5
CVSSv2
CVE-2019-11380
The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage.
Estrongs Es File Explorer File Manager 4.2.0.1.3
6.4
CVSSv2
CVE-2022-31527
The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Flask-file-server Project Flask-file-server
6.5
CVSSv2
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
7.5
CVSSv2
CVE-2022-1000
Path Traversal in GitHub repository prasathmani/tinyfilemanager before 2.4.7.
Tiny File Manager Project Tiny File Manager
6.8
CVSSv2
CVE-2021-44340
David Brackeen ok-file-formats dev version is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_jpg_generate_huffman_table() in "/ok_jpg.c:403".
Ok-file-formats Project Ok-file-formats -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »