3496 matches found
CVE-2022-26130
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing...
ASB-A-205996517
In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati...
Exploit for Path Traversal in Wso2 Api_Manager
nmap-CVE-2022-29464 nmap-CVE-2022-29464 is an NSE script for d...
The vulnerability of FTP servers for microprogrammed software controllers such as CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, TALON TC, and the operating system Nucleus allows a hacker to cause a service failure or execute arbitrary code.
The vulnerability of FTP servers for microprogrammed control devices such as CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, TALON TC, and the operating system Nucleus is related to errors during the verification of the MKD/XMKD command length. Exploiting this vulnerability can allow an attack...
The vulnerability of Siemens’ TFTP-server implementation for software and software-hardware products arises from an operation that goes beyond buffer boundaries in memory, allowing attackers to gain access to protected information.
The vulnerability of the TFTP server implementation for Siemens’ software and software-hardware products lies in an operation being carried out outside the bounds of a buffer in memory. Exploiting this vulnerability allows a malicious actor to gain access to protected information by sending...
The vulnerability of FTP servers for microprogrammed software controllers such as CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, TALON TC, and the operating system Nucleus allows a hacker to cause service failures or execute arbitrary code.
The vulnerability of the FTP servers of the microprogrammed control devices CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, TALON TC, and the operating system Nucleus is related to errors during the verification of the USER command’s length. Exploiting this vulnerability can allow a remote...
The vulnerability of the Internet Information Services FTP network services for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Internet Information Services FTP protocol in Windows operating systems is related to errors during FTP data exchange. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information using specially crafted FTP commands...
IBM Aspera High-Speed Transfer Information Disclosure Vulnerability
IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...
The vulnerability of the client library for TFTP in FortiOS operating systems, the network interface for web applications FortiWeb, and the proxy server FortiProxy allows a perpetrator to execute arbitrary code.
The vulnerability of the client library for TFTP in FortiOS operating systems, the network interface for web applications FortiWeb, and the proxy server FortiProxy is related to a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially...
Crestron Multiple Products Command Injection Vulnerability
Multiple Crestron products are vulnerable to command injection via the filetransfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root...
The vulnerability of the Python programming language interpreter’s FTP (File Transfer Protocol) client library allows attackers to perform SSRF attacks.
The vulnerability of the Python File Transfer Protocol client library is related to insufficient validation of data entered by users when the library is used in PASV (passive) mode. Exploiting this vulnerability allows a malicious actor to configure a malicious FTP server, tricking the Python F...
curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols
A flaw was found in curl. This flaw lies in the --ssl-reqd option or related settings in libcurl. Users specify this flag to upgrade to TLS when communicating with either an IMAP, POP3 or FTP server. An attacker controlling such servers could return a crafted response which could lead to curl clie...
curl: Server responses received before STARTTLS processed after TLS handshake
A flaw was found in curl. The flaw lies in how curl handles cached or pipelined responses that it receives from either an IMAP, POP3, SMTP or FTP server before the TLS upgrade using STARTTLS. In such a scenario curl, even after upgrading to TLS, would trust these cached responses, treating them as...
CVE-2022-29050
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and earlier allows attackers to connect to an FTP server using attacker-specified credentials...
CVE-2022-29051
Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and earlier allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials...
PT-2022-19390 · Jenkins · Jenkins Publish Over Ftp Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Publish Over FTP Plugin versions 1.16 and earlier. Description: A cross-site request forgery (CSRF) issue allows attackers to connect to an FTP server using attacker-specified credentials. Recommendations: For Jenkins Publish Over FTP...
Jenkins Publish Over FTP Plugin Access Control Error Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins Publish Over FTP Plugin 1.16 an...
UBUNTU-CVE-2021-45103
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker can access files stored in S3 cloud storage that a user has asked HTCondor to transfer...
CVE-2022-22772
The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with...
Remote code execution
The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with...