Every CVE whose affected-product data names Christos Zoulas File, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2009-3930 — CVSS 9.3 (critical): Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a…
CVE-2009-1515 — CVSS 6.8 (medium): Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to…
CVE-2014-0207 — CVSS 6.5 (medium): The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before…
CVE-2012-1571 — CVSS 6.5 (medium): file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file…
CVE-2014-3478 — CVSS 6.5 (medium): Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and…
CVE-2014-3538 — CVSS 5.0 (medium): file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial…
CVE-2013-7345 — CVSS 5.0 (medium): The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited…
CVE-2014-3587 — CVSS 4.3 (medium): Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before…