VYPR

Sky File

by Sky File

Source repositories

CVEs (8)

  • CVE-2009-0948CriJun 2, 2021
    risk 0.64cvss 9.8epss 0.01

    Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.

  • CVE-2019-8907HigFeb 18, 2019
    risk 0.57cvss 8.8epss 0.03

    do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.

  • CVE-2019-8904HigFeb 18, 2019
    risk 0.57cvss 8.8epss 0.02

    do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.

  • CVE-2020-23040HigOct 22, 2021
    risk 0.49cvss 7.5epss 0.02

    Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows attackers to access sensitive data and files via 'null' path commands.

  • CVE-2019-18218HigOct 21, 2019
    risk 0.44cvss 7.8epss 0.02

    cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

  • CVE-2020-36488MedOct 22, 2021
    risk 0.42cvss 6.5epss 0.01

    An issue in the FTP server of Sky File v2.1.0 allows attackers to perform directory traversal via `/null//` path commands.

  • CVE-2019-8905MedFeb 18, 2019
    risk 0.29cvss 4.4epss 0.00

    do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.

  • CVE-2019-8906MedFeb 18, 2019
    risk 0.00cvss 4.4epss 0.00

    do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.