| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-7317 |
416 |
|
|
2019-02-04 |
2019-08-01 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. |
|
2 |
CVE-2019-7222 |
200 |
|
+Info |
2019-03-21 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. |
|
3 |
CVE-2019-3812 |
125 |
|
Exec Code |
2019-02-19 |
2019-05-31 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host. |
|
4 |
CVE-2019-2797 |
284 |
|
|
2019-07-23 |
2019-08-14 |
2.3 |
None |
Local Network |
Medium |
Single system |
None |
None |
Partial |
|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
|
5 |
CVE-2018-20685 |
706 |
|
Bypass |
2019-01-10 |
2019-10-02 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. |
|
6 |
CVE-2018-20126 |
772 |
|
|
2018-12-20 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. |
|
7 |
CVE-2018-20123 |
772 |
|
|
2018-12-17 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. |
|
8 |
CVE-2018-19489 |
362 |
|
DoS |
2018-12-13 |
2019-05-31 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. |
|
9 |
CVE-2018-19364 |
416 |
|
|
2018-12-13 |
2019-05-31 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. |
|
10 |
CVE-2018-18954 |
125 |
|
|
2018-11-15 |
2019-05-31 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. |
|
11 |
CVE-2018-18849 |
125 |
|
|
2019-03-21 |
2019-05-31 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. |
|
12 |
CVE-2018-18710 |
200 |
|
+Info |
2018-10-29 |
2019-04-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658. |
|
13 |
CVE-2018-18397 |
|
|
|
2018-12-12 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c. |
|
14 |
CVE-2018-18386 |
704 |
|
|
2018-10-17 |
2019-04-23 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. |
|
15 |
CVE-2018-16878 |
400 |
|
|
2019-04-18 |
2019-05-27 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS |
|
16 |
CVE-2018-16866 |
125 |
|
|
2019-01-11 |
2019-05-13 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. |
|
17 |
CVE-2018-16862 |
200 |
|
+Info |
2018-11-26 |
2019-04-01 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one. |
|
18 |
CVE-2018-15864 |
476 |
|
|
2018-08-25 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created. |
|
19 |
CVE-2018-15863 |
476 |
|
|
2018-08-25 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression. |
|
20 |
CVE-2018-15862 |
476 |
|
|
2018-08-25 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers. |
|
21 |
CVE-2018-15861 |
476 |
|
|
2018-08-25 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure. |
|
22 |
CVE-2018-15859 |
476 |
|
|
2018-08-25 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled. |
|
23 |
CVE-2018-15858 |
476 |
|
|
2018-08-25 |
2018-11-07 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file. |
|
24 |
CVE-2018-15856 |
835 |
|
DoS |
2018-08-25 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files. |
|
25 |
CVE-2018-15855 |
476 |
|
|
2018-08-25 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled. |
|
26 |
CVE-2018-15854 |
476 |
|
|
2018-08-25 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because geometry tokens were desupported incorrectly. |
|
27 |
CVE-2018-15853 |
400 |
|
|
2018-08-25 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation. |
|
28 |
CVE-2018-15594 |
200 |
|
+Info |
2018-08-20 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. |
|
29 |
CVE-2018-15572 |
|
|
|
2018-08-19 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. |
|
30 |
CVE-2018-13053 |
190 |
|
Overflow |
2018-07-02 |
2019-04-23 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. |
|
31 |
CVE-2018-12896 |
190 |
|
DoS Overflow |
2018-07-02 |
2019-04-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. |
|
32 |
CVE-2018-12383 |
522 |
|
|
2018-10-18 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox < 62, Firefox ESR < 60.2.1, and Thunderbird < 60.2.1. |
|
33 |
CVE-2018-10910 |
|
|
|
2019-01-28 |
2019-10-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable. |
|
34 |
CVE-2018-8043 |
476 |
|
DoS |
2018-03-10 |
2018-05-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference). |
|
35 |
CVE-2018-7858 |
125 |
|
DoS |
2018-03-12 |
2019-03-29 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. |
|
36 |
CVE-2018-7755 |
200 |
|
Bypass +Info |
2018-03-08 |
2018-10-04 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR. |
|
37 |
CVE-2018-7073 |
668 |
|
|
2018-08-06 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. |
|
38 |
CVE-2018-6559 |
200 |
|
+Info |
2018-10-26 |
2019-10-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace. |
|
39 |
CVE-2018-6556 |
417 |
|
|
2018-08-10 |
2019-05-31 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2. |
|
40 |
CVE-2018-2790 |
|
|
|
2018-04-18 |
2019-10-02 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N). |
|
41 |
CVE-2018-2762 |
|
|
|
2018-04-18 |
2018-11-27 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
|
42 |
CVE-2018-2641 |
|
|
|
2018-01-17 |
2019-10-02 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N). |
|
43 |
CVE-2018-2629 |
|
|
|
2018-01-17 |
2019-10-02 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N). |
|
44 |
CVE-2018-1118 |
200 |
|
+Info |
2018-05-10 |
2019-10-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. |
|
45 |
CVE-2018-1106 |
287 |
|
Bypass |
2018-04-23 |
2019-10-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system. |
|
46 |
CVE-2018-1071 |
119 |
|
DoS Overflow |
2018-03-09 |
2019-10-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service. |
|
47 |
CVE-2018-1059 |
200 |
|
+Info |
2018-04-24 |
2018-08-21 |
2.9 |
None |
Local Network |
Medium |
Not required |
Partial |
None |
None |
|
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable. |
|
48 |
CVE-2018-1050 |
20 |
|
DoS |
2018-03-13 |
2019-04-09 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. |
|
49 |
CVE-2017-18344 |
125 |
|
|
2018-07-26 |
2019-03-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE). |
|
50 |
CVE-2017-16611 |
59 |
|
|
2017-12-01 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files. |
