Latest File project Vulnerabilities

CVE-2022-48554
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
ubuntu/file<1:5.44-1
ubuntu/file<1:5.41-3ubuntu0.1
debian/file
Apple watchOS<10.4
Apple tvOS<17.4
Apple macOS Sonoma<14.4
and 6 more
CVE-2019-18218
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
debian/file
ubuntu/file<1:5.32-2ubuntu0.3
ubuntu/file<1:5.35-4ubuntu0.1
ubuntu/file<1:5.37-5ubuntu0.1
ubuntu/file<1:5.14-2ubuntu3.4+
ubuntu/file<1:5.37-6
and 16 more
CVE-2019-8906
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
Apple macOS Mojave<10.14.4
Apple High Sierra
Apple Sierra
Apple watchOS<5.2
Apple tvOS<12.2
Apple iOS<12.2
and 14 more
CVE-2019-8905
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
debian/file
ubuntu/file<1:5.35-3
ubuntu/file<1:5.25-2ubuntu1.2
ubuntu/file<1:5.32-2ubuntu0.2
ubuntu/file<1:5.34-2ubuntu0.1
Debian Debian Linux=8.0
and 6 more
CVE-2019-8907
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
ubuntu/file<1:5.35-3
ubuntu/file<1:5.25-2ubuntu1.2
ubuntu/file<1:5.32-2ubuntu0.2
ubuntu/file<1:5.34-2ubuntu0.1
debian/file
Apple iPadOS=5.35
and 5 more
CVE-2019-8904
do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
ubuntu/file<1:5.35-3
ubuntu/file<1:5.34-2ubuntu0.1
debian/file
Apple iPadOS=5.35
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 1 more
CVE-2018-10360
File is vulnerable to a denial of service, caused by an out-of-bounds read in the do_core_note function in readelf.c in libmagic.a. By persuading a victim to open a specially crafted ELF file, a remot...
IBM Data Risk Manager<=2.0.6
ubuntu/file<1:5.32-1ubuntu0.1
ubuntu/file<1:5.32-2ubuntu0.1
ubuntu/file<1:5.14-2ubuntu3.4
ubuntu/file<1:5.33-3
ubuntu/file<1:5.25-2ubuntu1.1
and 9 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203