Vulnerabilities > File Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-22 | CVE-2022-48554 | Out-of-bounds Read vulnerability in multiple products File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. | 5.5 |
| 2019-02-18 | CVE-2019-8906 | Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. | 4.4 |
| 2019-02-18 | CVE-2019-8905 | Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. | 4.4 |
| 2018-06-11 | CVE-2018-10360 | Out-of-bounds Read vulnerability in multiple products The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. | 6.5 |
| 2017-09-11 | CVE-2017-1000249 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in File Project File 5.29 An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. | 5.5 |