Lucene search
K

781 matches found

Packet Storm
Packet Storm
added 2025/03/11 12:0 a.m.214 views

BulletProof FTP Client 2010.74 Buffer Overflow

BulletProof FTP Client version 2010.74 suffers from a buffer overflow vulnerability. Exploit Title: BulletProof FTP Client v2010.74 - Buffer Overflow PoC Discovered by: Ahmet Ümit BAYRAM Discovered Date: 14.09.2023 Vendor Homepage: http://www.bpftp.com Software Link:...

7.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2021-37533

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a...

6.5CVSS6.4AI score0.01858EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2021-4189

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Python, specifically in the FTP File Transfer Protocol client library in PASV passive mode. The issue is how the FTP client trusts the host...

5.3CVSS6.9AI score0.02602EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/14 7:12 p.m.28 views

Security Bulletin: IBM B2B Sterling Integrator is affected by Apache Commons Net vulnerability information disclosure (CVE-2021-37533)

Summary IBM B2B Sterling Integrator is affected by Apache Commons Net vulnerability information disclosure CVE-2021-37533 Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with the FTP clien...

6.5CVSS5.9AI score0.01858EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.44 views

RHEL 9 : log4j (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies CVE-2023-26049 -...

7.5CVSS7.5AI score0.0326EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 7 : log4j (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - log4j: Socket receiver deserialization vulnerability CVE-2017-5645 - UNSUPPORTED WHEN ASSIGNED When using...

9.8CVSS8.1AI score0.8904EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.15 views

Fedora: Security Advisory (FEDORA-2024-ff9a2fb31c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.9AI score0.05773EPSS
Exploits0References3
Metasploit
Metasploit
added 2024/05/18 7:54 p.m.213 views

CarotDAV Credential Gatherer

This module searches for credentials stored on CarotDAV FTP Client on a Windows host. Module Options msf use post/windows/gather/credentials/carotdavftp msf postcarotdavftp show actions ...actions... msf postcarotdavftp set ACTION msf postcarotdavftp show options ...show and set options... msf...

6.9AI score
Exploits0
OSV
OSV
added 2024/03/06 11:5 a.m.77 views

BIT-PYTHON-2021-4189

A flaw was found in Python, specifically in the FTP File Transfer Protocol client library in PASV passive mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...

5.3CVSS6.3AI score0.02602EPSS
Exploits0References11
Ubuntu
Ubuntu
added 2024/02/19 8:44 a.m.35 views

USN-6641-1: curl vulnerability

Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains...

6.5CVSS6.6AI score0.01685EPSS
Exploits1
Fedora
Fedora
added 2023/12/27 1:30 a.m.21 views

[SECURITY] Fedora 39 Update: filezilla-3.66.4-1.fc39

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFTP - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.42 views

Rocky Linux 8 : python27:2.7 (RLSA-2022:1821)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1821 advisory. - There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser...

8.2CVSS7.2AI score0.11586EPSS
Exploits3References12
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 10:44 a.m.50 views

Security Bulletin: There is a vulnerability in Apache Commons Net used by IBM Jazz Reporting Service (CVE-2021-37533)

Summary There is a vulnerability in Apache Commons Net used by IBM Jazz Reporting Service. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with the FTP client trusts the host from PASV...

6.5CVSS6.3AI score0.01858EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 7:47 p.m.29 views

Security Bulletin: There is a vulnerability in Apache Commons Net used by IBM Maximo Asset Management (CVE-2021-37533)

Summary There is a vulnerability in Apache Commons Net used by IBM Maximo Asset Management. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with the FTP client trusts the host from PASV...

6.5CVSS6.3AI score0.01858EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/21 8:26 p.m.40 views

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to remote code execution due to Apache Commons Net (CVE-2021-37533)

Summary Apache Commons Net is shipped with IBM Tivoli Business Manager 6.2.0 as part of its web service infrastructure. Information about security vulnerabilities affecting Apache Commons Net has been published in a security bulletin. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache...

6.5CVSS6.7AI score0.01858EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/06/19 4:32 p.m.64 views

Moderate: Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.13.3 security update

Red Hat Integration Camel Extensions for Quarkus 2.13.3 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability...

7.5CVSS6.6AI score0.01858EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.5 views

apache-commons-net: FTP client trusts the host from PASV response by default

A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of...

6.5CVSS7.2AI score0.01858EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.55 views

Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update

Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS7.2AI score0.46836EPSS
Exploits17References37
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/02 9:11 p.m.18 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache Commons

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Apache Commons. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with the FTP client trust...

7.5CVSS7.5AI score0.46836EPSS
Exploits1Affected Software1
Ubuntu
Ubuntu
added 2023/04/28 10:19 a.m.65 views

USN-6037-1: Apache Commons Net vulnerability

ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote attacker with a malicious FTP server could redirect the client to another server, which could possibly result in leaked information about services running on the private...

6.5CVSS6.6AI score0.01858EPSS
Exploits0
Rows per page
Query Builder