31 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-12451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils...
EulerOS Virtualization 2.10.1 : file (EulerOS-SA-2023-3495)
According to the versions of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c. NOTE: 'File' is the name of an Open Source project...
CVE-2023-7035
Automad (versions up to 1.10.9) is affected by a cross-site scripting flaw in the Setting Handler, specifically in the sitename argument processed by the post.php endpoint under packages/standard/templates/post.php. The issue is triggered by unsanitized input and may be exploitable remotely; mult...
CVE-2023-7035 automad Setting post.php cross site scripting
A vulnerability was found in automad up to 1.10.9 and classified as problematic. Affected by this issue is some unknown functionality of the file packages\standard\templates\post.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. The...
MGASA-2023-0268 Updated file packages fix security vulnerability
File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c. (CVE-2022-48554)...
NewStart CGSL MAIN 6.02 : file Vulnerability (NS-SA-2022-0086)
The remote NewStart CGSL host, running version MAIN 6.02, has file packages installed that are affected by a vulnerability: - cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write)...
EulerOS Virtualization 3.0.2.6 : file (EulerOS-SA-2021-1430)
According to the version of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. CVE-2014-962...
NewStart CGSL CORE 5.04 / MAIN 5.04 : file Vulnerability (NS-SA-2020-0070)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has file packages installed that are affected by a vulnerability: - The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) v...
EulerOS Virtualization 3.0.6.0 : file (EulerOS-SA-2020-1778)
According to the version of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer...
File Upload Vulnerability in HulaCWMS v2.0.1 at Qingdao Scorch Culture Media Co.
HulaCWMS (Hula enterprise website management system) is an enterprise website management system developed on the ThinkPHP5 framework. HulaCWMS v2.0.1 has a file upload vulnerability that can be exploited by attackers to construct specific file packages, upload malicious files, and gain...
EulerOS 2.0 SP3 : file (EulerOS-SA-2019-2578)
According to the version of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. (CVE-2014-9620) Note that...
EulerOS 2.0 SP2 : file (EulerOS-SA-2019-2449)
According to the versions of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow...
MGASA-2019-0308 Updated file packages fix security vulnerability
Updated file packages fix security vulnerability: A buffer overflow was found in file which may result in denial of service or potentially the execution of arbitrary code if a malformed CDF (Composite Document File) file is processed (CVE-2019-18218)...
Updated file packages fix security vulnerabilities
The updated file packages fix security vulnerabilities: do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. (CVE-2019-8905) do_core_note in readelf.c in libmagic.a in file 5.35 allows remote...
Debian DLA-1698-2 : file regression update
This update fixes a regression introduced in 1:5.22+15-2+deb8u5 causing truncated output of the interpreter name, thanks to Christoph Biedl for reporting the problem and cause. For Debian 8 'Jessie', this problem has been fixed in version 1:5.22+15-2+deb8u7. We recommend that you upgrade your...
CentOS 7 : file (CESA-2015:2155)
Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings,...
Updated file packages fix security vulnerabilities
Updated file packages fix security vulnerabilities: Alexander Cherepanov reported that using the file command on a specially-crafted ELF binary could lead to a denial of service due to uncontrolled resource consumption while processing ELF section headers (CVE-2014-9620, CVE-2014-9621). As part of...
Mandriva Linux Security Advisory : file (MDVSA-2015:010)
Updated file packages fix security vulnerabilities : Thomas Jarosch of Intra2net AG reported that using the file command on a specially crafted ELF binary could lead to a denial of service due to uncontrolled resource consumption (CVE-2014-8116). Thomas Jarosch of Intra2net AG reported that using t...
CentOS 6 : file (CESA-2014:1606)
Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings,...
Updated file packages fix CVE-2014-3587
Updated file packages fix security vulnerability: A flaw was found in the way file uses the cdf_read_property_info function when it checks stream offsets for certain Composite Document Format (CDF). An insufficient input validation flaw for the minimal and maximal values of p and q leads to a pointer overflow. This...