Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-20735
File Upload vulnerability in LJCMS v.4.3.R60321 allows a remote malicious user to execute arbitrary code via the ljcms/index.php parameter.
8cms Ljcms 4.3.r60321
9.8
CVSSv3
CVE-2022-48337
GNU Emacs up to and including 28.2 allows malicious users to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "...
Gnu Emacs
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Ser...
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Tenable Tenable.sc
Netapp Cloud Backup -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Apple Macos
Apple Mac Os X 10.15.7
3 Github repositories
9.8
CVSSv3
CVE-2020-20979
An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows malicious users to execute arbitrary code.
8cms Ljcms 4.3.-
9.8
CVSSv3
CVE-2019-0259
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an malicious user to upload any file (including script files) without proper file format validation.
Sap Businessobjects 4.3
Sap Businessobjects 4.2
9.8
CVSSv3
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
9.8
CVSSv3
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
9.8
CVSSv3
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
9.8
CVSSv3
CVE-2016-3819
Integer overflow in codecs/on2/h264dec/source/h264bsd_dpb.c in libstagefright in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-08-01 allows remote malicious users to execute arbitrary code or cause a denial of service...
Google Android 5.1
Google Android 5.0.1
Google Android 4.3
Google Android 4.2.2
Google Android 4.0.2
Google Android 4.0.1
Google Android 4.0
Google Android 6.0
Google Android 5.1.0
Google Android 4.4
Google Android 4.3.1
Google Android 4.0.4
Google Android 4.0.3
Google Android 5.0
Google Android 4.4.3
Google Android 4.2.1
Google Android 4.2
Google Android 6.0.1
Google Android 4.4.2
Google Android 4.4.1
Google Android 4.1.2
Google Android 4.1
9.8
CVSSv3
CVE-2016-3821
libmedia in mediaserver in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-08-01 has certain incorrect declarations, which allows remote malicious users to execute arbitrary code or cause a denial of service (NULL pointer dereference ...
Google Android 6.0
Google Android 5.1.0
Google Android 4.4
Google Android 4.3.1
Google Android 4.0.4
Google Android 4.0.3
Google Android 4.0.2
Google Android 6.0.1
Google Android 4.4.2
Google Android 4.4.1
Google Android 4.1.2
Google Android 4.1
Google Android 5.1
Google Android 5.0.1
Google Android 4.3
Google Android 4.2.2
Google Android 4.0.1
Google Android 4.0
Google Android 5.0
Google Android 4.4.3
Google Android 4.2.1
Google Android 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »