Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
afflib vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2352
Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote malicious users to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly involving (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) t...
Afflib Afflib
NA
CVE-2007-2055
AFFLIB 2.2.8 and previous versions allows malicious users to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the ge...
Afflib Afflib
NA
CVE-2007-2053
Multiple stack-based buffer overflows in AFFLIB prior to 2.2.6 allow remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 UR...
Afflib Afflib
NA
CVE-2007-2054
Multiple format string vulnerabilities in AFFLIB prior to 2.2.6 allow remote malicious users to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls in (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afi...
Afflib Afflib
6.5
CVSSv3
CVE-2018-8050
The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) up to and including 3.7.16 allows remote malicious users to cause a denial of service (segmentation fault) via a corrupt AFF image that triggers an unexpected pagesize value.
Afflib Project Afflib
NA
CVE-2007-2056
Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and previous versions allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-time-of-use file race"). NOTE: the researcher has retracted ...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started