PT-2023-28702 · Crushftp · Crushftp

Name of the Vulnerable Software and Affected Versions: CrushFTP affected versions not specified Description: The issue poses a threat and is related to managing the security of MFT applications. There is an analysis available of the threat. Recommendations: At the moment, there is no information...

SolarWinds Serv-U FTP Server Input Validation Error Vulnerability

SolarWinds Serv-U FTP Server is a suite of FTP and MFT file transfer software from the US-based SolarWinds Corporation. An input validation error vulnerability exists in SolarWinds Serv-U FTP Server version 15.4, which originates from allowing an authenticated attacker to insert content on the fi...

CVE-2023-48692 Azure RTOS NetX Duo Remote Code Execution Vulnerability

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp,...

CVE-2023-48315 Azure RTOS NetX Duo Remote Code Execution Vulnerability

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to ftp and...

apache-mina-sshd: information exposure in SFTP server implementations

A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope...

apache-mina-sshd: information exposure in SFTP server implementations

A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope...

apache-mina-sshd: information exposure in SFTP server implementations

A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope...

apache-mina-sshd: information exposure in SFTP server implementations

A flaw was found in Apache Mina SSHD that could be exploited on certain SFTP servers implemented using the Apache Mina RootedFileSystem. This issue could permit authenticated users to view information outside of their permissions scope...

PT-2023-30777 · Microsoft · Azure Rtos Netx Duo

Name of the Vulnerable Software and Affected Versions: Azure RTOS NetX Duo versions prior to 6.3.0 Description: The issue affects Azure RTOS NetX Duo, a TCP/IP network stack for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow...

The vulnerability of the TFTP protocol implementation in ASUS RT-AC87U router microsoftware allows a hacker to gain access to read, modify, or delete files.

The vulnerability of the TFTP protocol implementation in ASUS RT-AC87U router microsoftware is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete file access rights remotely...

The vulnerability of the Squid proxy server is related to improper conversion between numerical types and uncontrolled resource consumption, allowing attackers to cause service failures.

The vulnerability of the Squid proxy server is related to the issue of sending FTP URL addresses in HTTP requests, or creating FTP URL addresses from input data of the FTP Native. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

USN-6500-1 squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. CVE-2023-46724 Joshua...

ASUS RT-AC87U Security Vulnerability

The ASUS RT-AC87U is a wireless router from Asus China. A security vulnerability exists in the ASUS RT-AC87U that stems from the presence of an Access Control Error vulnerability. The vulnerability can be exploited by an attacker to connect to the target device via tftp to read or write files...

Bastion Access Control Error Vulnerability

Bastion is a group of machines used as a single entry point for operational teams to securely connect to devices. An Access Control Error vulnerability exists in Bastion versions 3.0.0 through 3.14.0, which originates in MFA where a group or individual can force an SCP/SFTP connection through...

squid: denial of Service in FTP

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input...

curl: SFTP path ~ resolving discrepancy

A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...

Progress Software WS_FTP Server Code Issue Vulnerability

Progress Software WSFTP Server is an effective and highly manageable FTP server from Progress Software, USA. A code issue vulnerability exists in versions of Progress Software WSFTP Server prior to 8.8.4 that stems from not limiting the number of file uploads...

Rocky Linux 8 : python27:2.7 (RLSA-2022:1821)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1821 advisory. - There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser...

AZL-31903 CVE-2023-46848 affecting package squid 5.7-5

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input...

ALPINE-CVE-2023-46848

Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input...