Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:file_project:file:5.20:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-18218 |
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). Published: October 21, 2019; 1:15:10 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2014-9653 |
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. Published: March 30, 2015; 6:59:03 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2014-9652 |
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file. Published: March 30, 2015; 6:59:01 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-9621 |
The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string. Published: January 21, 2015; 1:59:07 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-9620 |
The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. Published: January 21, 2015; 1:59:05 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-8117 |
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. Published: December 17, 2014; 2:59:05 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-8116 |
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. Published: December 17, 2014; 2:59:02 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |