RHEL 7 : spice-vdagent (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spice-vdagent: Improper validation of xfers-savedir in vdagentfilexfersdata CVE-2017-15108 - spice-vdagen...

The vulnerability of the FTP protocol implementation in the software of the Yokogawa FA-M3 programmable logic controller allows a intruder to disclose protected information.

The vulnerability of the FTP protocol implementation in the software of the Yokogawa FA-M3 programmable logic controller is related to the transmission of secret information in the form of plain text. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the...

The vulnerability of the FTP-server software of the Yokogawa FA-M3 programmable logic controller allows a intruder to trigger a service failure.

The vulnerability of the FTP server software of the Yokogawa FA-M3 programmable logic controller is related to the exhaustion of the connection limits. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2023-32178

VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target...

D-Link D-View 安全漏洞

D-Link D-View is a web-based design network device management software from China's D-Link Corporation. A security vulnerability exists in D-Link D-View, which originates from a TftpSendFileThread directory traversal information disclosure vulnerability...

The vulnerability of the Airflow FTP Provider network software is related to errors in the authentication process, which allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Airflow FTP Provider network software is related to errors in the authentication process. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the FileTransfer component in the SAN management software Brocade SANnav allows a attacker to execute a “man-in-the-middle” attack.

The vulnerability of the FileTransfer component in the SAN management software Brocade SANnav is related to the insufficient encryption reliability during the generation of SSH keys, due to the use of the SHA-1 algorithm. Exploiting this vulnerability allows a remote attacker to execute a...

spring boot online exam 安全漏洞

Online Exam System is an online exam system by orotnom23 individual developers. A security vulnerability exists in spring boot online exam version v.0.9. An attacker can exploit this vulnerability to execute arbitrary code via the FileTransUtil.java component...

Exploit for Code Injection in Crushftp

CVE-2024-4040-CrushFTP-server CrushFTP is a proprietary multi...

PyPXE 安全漏洞

PyPXE is a Python library open-sourced by PyPXE. A security vulnerability exists in PyPXE version v.1.8.4, which stems from the presence of a buffer overflow vulnerability that allows remote attackers to cause a denial of service via the handle function in the tftp module...

Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit

By Deeba Ahmed Popular File Transfer Software Hit by Zero-Day Exploit: Millions Potentially Exposed - Install Patches Right Now! This is a post from HackRead.com Read the original post: Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit...

[SECURITY] Fedora 39 Update: curl-8.2.1-5.fc39

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

IBM Aspera Faspex Information Disclosure Vulnerability (CNVD-2024-22248)

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. An information disclosure vulnerability exists in IBM Aspera Faspex, which can be exploited by attackers to obtain sensitive information...

[SECURITY] Fedora 40 Update: filezilla-3.67.0-1.fc40

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFTP - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

[SECURITY] Fedora 40 Update: curl-8.6.0-8.fc40

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

IBM Aspera 日志信息泄露漏洞

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A log information disclosure vulnerability exists in IBM Aspera Faspex, which can be exploited by an attacker to obtain sensitive information...

[SECURITY] Fedora 39 Update: filezilla-3.67.0-1.fc39

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFTP - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

The vulnerability of the implementation of Secure Copy Protocol and FTP (SFTP) protocols in the Cisco IOS XR operating system allows a hacker to induce a service failure.

The vulnerability of the Secure Copy Protocol and FTP SFTP implementations in the Cisco IOS XR operating system is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to cause service failures...

DEBIAN-CVE-2024-31210

WordPress is an open publishing platform for the Web. It's possible for a file of a type other than a zip file to be submitted as a new plugin by an administrative user on the Plugins - Add New - Upload Plugin screen in WordPress. If FTP credentials are requested for installation in order to move...

UBUNTU-CVE-2024-31210

WordPress is an open publishing platform for the Web. It's possible for a file of a type other than a zip file to be submitted as a new plugin by an administrative user on the Plugins - Add New - Upload Plugin screen in WordPress. If FTP credentials are requested for installation in order to move...