Vulnerabilities > File Project > File > 5.21
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-21 | CVE-2019-18218 | Out-of-bounds Write vulnerability in multiple products cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). | 7.8 |
| 2015-03-30 | CVE-2014-9653 | Improper Input Validation vulnerability in multiple products readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file. | 7.5 |
| 2015-01-21 | CVE-2014-9621 | Resource Management Errors vulnerability in File Project File The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string. | 5.0 |
| 2015-01-21 | CVE-2014-9620 | Resource Management Errors vulnerability in File Project File The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. | 5.0 |