File Fileproject File

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Fileproject File.

By the Year

In 2025 there have been 0 vulnerabilities in Fileproject File. File did not have any published security vulnerabilities last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 0 0.00
2023 1 5.50
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 5 6.84
2018 1 6.50

It may take a day or so for new File vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Fileproject File Security Vulnerabilities

File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c

CVE-2022-48554 5.5 - Medium - August 22, 2023

File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.

Out-of-bounds Read

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which

CVE-2019-18218 7.8 - High - October 21, 2019

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

Memory Corruption

do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read

CVE-2019-8904 8.8 - High - February 18, 2019

do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.

Out-of-bounds Read

do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read

CVE-2019-8905 4.4 - Medium - February 18, 2019

do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.

Out-of-bounds Read

do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read

CVE-2019-8906 4.4 - Medium - February 18, 2019

do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.

Out-of-bounds Read

do_core_note in readelf.c in libmagic.a in file 5.35

CVE-2019-8907 8.8 - High - February 18, 2019

do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.

Memory Corruption

The do_core_note function in readelf.c in libmagic.a in file 5.33

CVE-2018-10360 6.5 - Medium - June 11, 2018

The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

Out-of-bounds Read

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which

CVE-2014-3487 - July 09, 2014

The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

Improper Input Validation

The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which

CVE-2014-3480 - July 09, 2014

The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.

The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which

CVE-2014-3479 - July 09, 2014

The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file.

softmagic.c in file before 5.17 and libmagic

CVE-2014-2270 - March 14, 2014

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

Buffer Overflow

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for OpenSuse or by Fileproject? Click the Watch button to subscribe.

Fileproject
Vendor

subscribe