Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36313
An issue exists in the file-type package prior to 16.5.4 and 17.x prior to 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack.
File-type Project File-type
NA
CVE-2023-0431
The File Away WordPress plugin up to and including 3.9.9.0.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
File Away Project File Away
4
CVSSv2
CVE-2020-36488
An issue in the FTP server of Sky File v2.1.0 allows malicious users to perform directory traversal via `/null//` path commands.
Sky File Project Sky File 2.1.0
5
CVSSv2
CVE-2020-23040
Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows malicious users to access sensitive data and files via 'null' path commands.
Sky File Project Sky File 2.1.0
6.8
CVSSv2
CVE-2022-25023
Audio File commit 004065d exists to contain a heap-buffer overflow in the function fouBytesToInt():AudioFile.h.
Audio File Project Audio File 1.1.0
2.1
CVSSv2
CVE-2020-23058
An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data.
File Explorer Project File Explorer 1.4
6.8
CVSSv2
CVE-2021-44340
David Brackeen ok-file-formats dev version is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_jpg_generate_huffman_table() in "/ok_jpg.c:403".
Ok-file-formats Project Ok-file-formats -
6.5
CVSSv2
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
7.5
CVSSv2
CVE-2020-35173
The Amaze File Manager application prior to 3.4.2 for Android does not properly restrict intents for controlling the FTP server (aka services.ftpservice.FTPReceiver.ACTION_START_FTPSERVER and services.ftpservice.FTPReceiver.ACTION_STOP_FTPSERVER).
Amaze File Manager Project Amaze File Manager
6.8
CVSSv2
CVE-2021-28233
Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the ok_jpg_generate_huffman_table function in ok_jpg.c.
Ok-file-formats Project Ok-file-formats -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »