Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
afflib vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2007-2055
AFFLIB 2.2.8 and previous versions allows malicious users to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the ge...
Afflib Afflib
890
VMScore
CVE-2007-2053
Multiple stack-based buffer overflows in AFFLIB prior to 2.2.6 allow remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 UR...
Afflib Afflib
668
VMScore
CVE-2007-2054
Multiple format string vulnerabilities in AFFLIB prior to 2.2.6 allow remote malicious users to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls in (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afi...
Afflib Afflib
890
VMScore
CVE-2007-2352
Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote malicious users to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly involving (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) t...
Afflib Afflib
383
VMScore
CVE-2018-8050
The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) up to and including 3.7.16 allows remote malicious users to cause a denial of service (segmentation fault) via a corrupt AFF image that triggers an unexpected pagesize value.
Afflib Project Afflib
NA
CVE-2007-2056
Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and previous versions allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-time-of-use file race"). NOTE: the researcher has retracted ...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started