Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-23706
A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_subsequent_scan() ok_jpg.c:1102 of ok-file-formats through 2020-06-26 allows malicious users to cause a Denial of Service (DOS) via a crafted jpeg file.
Ok-file-formats Project Ok-file-formats
NA
CVE-2014-5199
Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) prior to 2.4.2 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: s...
Wordpress File Upload Project Wordpress File Upload
5.4
CVSSv3
CVE-2022-4764
The Simple File Downloader WordPress plugin up to and including 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stor...
Simple File Downloader Project Simple File Downloader
6.5
CVSSv3
CVE-2020-23707
A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows malicious users to cause a Denial of Service (DOS) via a crafted jpeg file.
Ok-file-formats Project Ok-file-formats
7.8
CVSSv3
CVE-2021-44340
David Brackeen ok-file-formats dev version is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_jpg_generate_huffman_table() in "/ok_jpg.c:403".
Ok-file-formats Project Ok-file-formats -
9.8
CVSSv3
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
Jquery File Upload Project Jquery File Upload
3 EDB exploits
6 Github repositories
5.3
CVSSv3
CVE-2019-5447
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows malicious users to list files in arbitrary folders.
Http-file-server Project Http-file-server
5.5
CVSSv3
CVE-2022-48554
File prior to 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
File Project File 5.41
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2022-40721
Arbitrary file upload vulnerability in php uploader
Creativedream File Uploader Project Creativedream File Uploader 0.3
5.3
CVSSv3
CVE-2018-19040
The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »