
24 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m. | 24 views

Linux Distros Unpatched Vulnerability : CVE-2014-9653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread...

7.5 CVSS | 7.2 AI score | 0.04681 EPSS
Exploits 0 | References 2

SUSE CVE
added 2023/02/15 5:24 a.m. | 4 views

SUSE CVE-2014-9653

readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service uninitialized memor...

7.5 CVSS | 9.7 AI score | 0.04681 EPSS
Exploits 0 | References 21

OpenVAS
added 2021/04/19 12:0 a.m. | 46 views

SUSE: Security Advisory (SUSE-SU-2017:3048-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 8.8 AI score | 0.05926 EPSS
Exploits 0 | References 11

Cloud Foundry
added 2018/06/20 12:0 a.m. | 189 views

USN-3686-1: file vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-9620...

7.5 CVSS | 8 AI score | 0.04985 EPSS
Exploits 1

IBM Security Bulletins
added 2018/06/16 9:43 p.m. | 55 views

Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection

Summary There are multiple vulnerabilities in file that is used by IBM Security Network Protection. These vulnerabilities include CVE-2014-3538, CVE-2014-3587, CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, and CVE-2014-9653. Vulnerability Details CVEID: CVE-2014-3538 DESCRIPTION: Fi...

7.5 CVSS | 0.9 AI score | 0.20237 EPSS
Exploits 2 | Affected Software 1

Tenable Nessus
added 2018/06/15 12:0 a.m. | 70 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : file vulnerabilities (USN-3686-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3686-1 advisory. Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause ...

7.5 CVSS | 7.2 AI score | 0.04985 EPSS
Exploits 1 | References 6

Tenable Nessus
added 2017/11/27 12:0 a.m. | 55 views

SUSE SLED12 / SLES12 Security Update : file (SUSE-SU-2017:3048-1)

The GNU file utility was updated to version 5.22. Security issues fixed : - CVE-2014-9621: The ELF parser in file allowed remote attackers to cause a denial of service via a long string. bsc913650 - CVE-2014-9620: The ELF parser in file allowed remote attackers to cause a denial of service via a...

7.5 CVSS | 8.2 AI score | 0.05926 EPSS
Exploits 0 | References 19

Tenable Nessus
added 2017/11/27 12:0 a.m. | 52 views

openSUSE Security Update : file (openSUSE-2017-1298)

The GNU file utility was updated to version 5.22. Security issues fixed : - CVE-2014-9621: The ELF parser in file allowed remote attackers to cause a denial of service via a long string. bsc913650 - CVE-2014-9620: The ELF parser in file allowed remote attackers to cause a denial of service via a...

7.5 CVSS | 8.2 AI score | 0.05926 EPSS
Exploits 0 | References 13

Tenable Nessus
added 2016/05/16 12:0 a.m. | 54 views

OracleVM 3.3 / 3.4 : file (OVMSA-2016-0050)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2014-3538 unrestricted regular expression matching - fix 1284826 - try to read ELF header to detect corrupted one - fix 1263987 - fix bugs found by coverity in the patch - fix CVE-2014-3587...

7.5 CVSS | 8 AI score | 0.20237 EPSS
Exploits 3 | References 10

Tenable Nessus
added 2016/05/16 12:0 a.m. | 45 views

Oracle Linux 6 : file (ELSA-2016-0760)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0760 advisory. - fix CVE-2014-3538 unrestricted regular expression matching - fix CVE-2014-3587 incomplete fix for CVE-2012-1571 - fix CVE-2014-3710 out-of-bounds rea...

7.5 CVSS | 8.1 AI score | 0.20237 EPSS
Exploits 3 | References 8

Oracle linux
added 2016/05/12 12:0 a.m. | 53 views

file security, bug fix, and enhancement update

5.04-30 - fix CVE-2014-3538 unrestricted regular expression matching 5.04-29 - fix 1284826 - try to read ELF header to detect corrupted one 5.04-28 - fix 1263987 - fix bugs found by coverity in the patch 5.04-27 - fix CVE-2014-3587 incomplete fix for CVE-2012-1571 - fix CVE-2014-3710 out-of-bound...

7.5 CVSS | 7.5 AI score | 0.20237 EPSS
Exploits 3

OpenVAS
added 2015/11/24 12:0 a.m. | 66 views

Oracle: Security Advisory (ELSA-2015-2155)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 8.2 AI score | 0.20805 EPSS
Exploits 3 | References 2

securityvulns
added 2015/09/14 12:0 a.m. | 194 views

[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04774019 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04774019 Version: 1 HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple...

10 CVSS | 0.2 AI score | 0.9994 EPSS
Exploits 45

Tenable Nessus
added 2015/04/20 12:0 a.m. | 58 views

Debian DLA-204-1 : file security update

This update fixes the following issue in the file package : CVE-2014-9653 readelf.c does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service uninitialized memory access or possibly have unspecified other impa...

7.5 CVSS | 7.9 AI score | 0.04681 EPSS
Exploits 0 | References 3

Debian
added 2015/04/19 1:6 p.m. | 48 views

[SECURITY] [DLA 204-1] file security update

Package : file Version : 5.04-5+squeeze10 CVE ID : CVE-2014-9653 Debian Bug : 777585 This update fixes the following issue in the file package: CVE-2014-9653 readelf.c does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a...

7.5 CVSS | 7.2 AI score | 0.04681 EPSS
Exploits 0

OSV
added 2015/04/19 12:0 a.m. | 43 views

DLA-204-1 file - security update

Bulletin has no description...

7.5 CVSS | 6.3 AI score | 0.04681 EPSS
Exploits 0

NVD
added 2015/03/30 10:59 a.m. | 27 views

CVE-2014-9653

readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service uninitialized memor...

7.5 CVSS | 7.5 AI score | 0.04681 EPSS
Exploits 0 | References 15

CVE
added 2015/03/30 10:0 a.m. | 300 views

CVE-2014-9653

CVE-2014-9653 affects the ELF parsing in the file utility (readelf.c) used by PHP Fileinfo. The vulnerability arises because pread calls may return only a subset of data, enabling remote denial of service via uninitialized memory access, and possibly other impact with crafted ELF files. Affected ...

7.5 CVSS | 6.6 AI score | 0.04681 EPSS
Exploits 0 | References 15 | Affected Software 1

Debian CVE
added 2015/03/30 10:0 a.m. | 39 views

CVE-2014-9653

readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service uninitialized memor...

7.5 CVSS | 7 AI score | 0.04681 EPSS
Exploits 0

Amazon
added 2015/03/23 12:0 a.m. | 63 views

Medium: file

Issue Overview: The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. CVE-2014-9620 The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of...

7.5 CVSS | 8.5 AI score | 0.05926 EPSS
Exploits 0