Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 3.40 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2005-0269
The file extension check in GNUBoard 3.40 and previous versions only verifies extensions that contain all lowercase letters, which allows remote malicious users to upload arbitrary files via file extensions that include uppercase letters.
Sir Gnuboard
NA
CVE-2013-4885
The http-domino-enum-passwords.nse script in NMap prior to 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
Nmap Nmap
Nmap Nmap 6.20
Nmap Nmap 5.59
Nmap Nmap 5.50
Nmap Nmap 5.00
Nmap Nmap 4.90
Nmap Nmap 4.85
Nmap Nmap 4.60
Nmap Nmap 4.53
Nmap Nmap 4.49
Nmap Nmap 4.22
Nmap Nmap 4.20
Nmap Nmap 4.02
Nmap Nmap 4.01
Nmap Nmap 3.95
Nmap Nmap 3.94
Nmap Nmap 3.75
Nmap Nmap 3.70
Nmap Nmap 3.55
Nmap Nmap 3.40
Nmap Nmap 3.25
Nmap Nmap 3.20
1 EDB exploit
NA
CVE-2009-5075
Monkey's Audio prior to 4.02 allows remote malicious users to cause a denial of service (application crash) via a malformed APE file.
Monkeysaudio Monkey\\'s Audio 1.4
Monkeysaudio Monkey\\'s Audio 1.51
Monkeysaudio Monkey\\'s Audio 1.70
Monkeysaudio Monkey\\'s Audio 1.72
Monkeysaudio Monkey\\'s Audio 1.90
Monkeysaudio Monkey\\'s Audio 2.00
Monkeysaudio Monkey\\'s Audio 2.20
Monkeysaudio Monkey\\'s Audio 2.40
Monkeysaudio Monkey\\'s Audio 2.50
Monkeysaudio Monkey\\'s Audio 3.02
Monkeysaudio Monkey\\'s Audio 3.11
Monkeysaudio Monkey\\'s Audio 3.51
Monkeysaudio Monkey\\'s Audio 3.70
Monkeysaudio Monkey\\'s Audio 3.83
Monkeysaudio Monkey\\'s Audio 3.85
Monkeysaudio Monkey\\'s Audio 3.90
Monkeysaudio Monkey\\'s Audio 3.92
Monkeysaudio Monkey\\'s Audio 4.01b1
Monkeysaudio Monkey\\'s Audio 1.53
Monkeysaudio Monkey\\'s Audio 1.60
Monkeysaudio Monkey\\'s Audio 1.61
Monkeysaudio Monkey\\'s Audio 1.62
NA
CVE-2006-7245
Monkey's Audio prior to 4.01b2 allows remote malicious users to cause a denial of service (application crash) via an APX file that lacks NULL termination.
Monkeysaudio Monkey\\'s Audio 1.1
Monkeysaudio Monkey\\'s Audio 1.3
Monkeysaudio Monkey\\'s Audio 1.61
Monkeysaudio Monkey\\'s Audio 1.63
Monkeysaudio Monkey\\'s Audio 1.81
Monkeysaudio Monkey\\'s Audio 1.83
Monkeysaudio Monkey\\'s Audio 2.22
Monkeysaudio Monkey\\'s Audio 2.31
Monkeysaudio Monkey\\'s Audio 2.90
Monkeysaudio Monkey\\'s Audio 3.01
Monkeysaudio Monkey\\'s Audio 3.20
Monkeysaudio Monkey\\'s Audio 3.31
Monkeysaudio Monkey\\'s Audio 3.41
Monkeysaudio Monkey\\'s Audio 3.80
Monkeysaudio Monkey\\'s Audio 3.82
Monkeysaudio Monkey\\'s Audio 3.87
Monkeysaudio Monkey\\'s Audio 3.89
Monkeysaudio Monkey\\'s Audio 3.95
Monkeysaudio Monkey\\'s Audio 3.97
Monkeysaudio Monkey\\'s Audio
Monkeysaudio Monkey\\'s Audio 1.0
Monkeysaudio Monkey\\'s Audio 1.70
NA
CVE-2010-3162
Untrusted search path vulnerability in Apsaly prior to 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Masahiko Watanabe Apsaly 1.20
Masahiko Watanabe Apsaly 1.40
Masahiko Watanabe Apsaly 2.00
Masahiko Watanabe Apsaly 2.10
Masahiko Watanabe Apsaly 2.20
Masahiko Watanabe Apsaly 2.40
Masahiko Watanabe Apsaly 3.40
Masahiko Watanabe Apsaly
Masahiko Watanabe Apsaly 2.60
Masahiko Watanabe Apsaly 2.70
Masahiko Watanabe Apsaly 2.72
Masahiko Watanabe Apsaly 3.00
Masahiko Watanabe Apsaly 2.30
Masahiko Watanabe Apsaly 2.50
Masahiko Watanabe Apsaly 3.10
Masahiko Watanabe Apsaly 3.60
NA
CVE-2009-3930
Multiple integer overflows in Christos Zoulas file prior to 5.02 allow user-assisted remote malicious users to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.
Christos Zoulas File 5.00
Christos Zoulas File 4.26
Christos Zoulas File 4.17
Christos Zoulas File 4.16
Christos Zoulas File 4.15
Christos Zoulas File 4.07
Christos Zoulas File 4.06
Christos Zoulas File 3.39
Christos Zoulas File 3.38
Christos Zoulas File
Christos Zoulas File 4.23
Christos Zoulas File 4.21
Christos Zoulas File 4.12
Christos Zoulas File 4.11
Christos Zoulas File 4.02
Christos Zoulas File 4.01
Christos Zoulas File 3.34
Christos Zoulas File 3.33
Christos Zoulas File 4.20
Christos Zoulas File 4.19
Christos Zoulas File 4.09
Christos Zoulas File 4.08
NA
CVE-2005-3263
Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 up to and including 3.50 allows remote malicious users to execute arbitrary code via an ACE archive containing a file with a long name.
Rarlab Winrar 3.11
Rarlab Winrar 3.20
Rarlab Winrar 3.40
Rarlab Winrar 3.41
Rarlab Winrar 3.0.0
Rarlab Winrar 3.10 Beta3
Rarlab Winrar 3.50
Rarlab Winrar 2.90
Rarlab Winrar 3.10
Rarlab Winrar 3.10 Beta5
Rarlab Winrar 3.42
NA
CVE-2005-3262
Format string vulnerability in RARLAB WinRAR 2.90 up to and including 3.50 allows remote malicious users to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename.
Rarlab Winrar 2.90
Rarlab Winrar 3.0.0
Rarlab Winrar 3.10
Rarlab Winrar 3.10 Beta3
Rarlab Winrar 3.10 Beta5
Rarlab Winrar 3.20
Rarlab Winrar 3.41
Rarlab Winrar 3.42
Rarlab Winrar 3.50
Rarlab Winrar 3.11
Rarlab Winrar 3.40
1 EDB exploit
NA
CVE-2005-0331
Directory traversal vulnerability in WinRAR 3.42 and previous versions, when the user clicks on the ZIP file to extract it, allows remote malicious users to create arbitrary files via a ... (triple dot) in the filename of the ZIP file.
Rarlab Winrar 3.0.0
Rarlab Winrar 3.41
Rarlab Winrar 3.42
Rarlab Winrar 3.20
Rarlab Winrar 3.40
Rarlab Winrar 3.10 Beta5
Rarlab Winrar 3.11
Rarlab Winrar 3.10
Rarlab Winrar 3.10 Beta3
NA
CVE-2004-1254
WinRAR 3.40, and possibly earlier versions, allows remote malicious users to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.
Rarlab Winrar 3.10 Beta3
Rarlab Winrar 3.10 Beta5
Rarlab Winrar 3.0.0
Rarlab Winrar 3.10
Rarlab Winrar 3.40
Rarlab Winrar 3.41
Rarlab Winrar 3.11
Rarlab Winrar 3.20
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »