3495 matches found
TIBCO Managed File Transfer Platform Server Code Injection Vulnerability
TIBCO Managed File Transfer Platform Server is a hosted file transfer platform server from TIBCO USA. A security vulnerability exists in the cfsend, cfrecv, and CyberResp components of TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux...
CVE-2022-28157
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller via FTP to an attacker-specified FTP server...
Jenkins Pipeline Phoenix AutoTest Plugin Path Traversal Vulnerability
Jenkins Pipeline is a set of plug-ins that support the implementation and integration of continuous delivery pipelines into Jenkins. The Jenkins Pipeline Phoenix AutoTest Plugin 1.3 and earlier versions are vulnerable to a path traversal vulnerability that could be exploited by an attacker with...
PT-2022-18856 · Jenkins · Jenkins Pipeline: Phoenix Autotest Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Phoenix AutoTest Plugin versions 1.3 and earlier Description: The issue allows attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller via FTP to an attacker-specified FTP server...
Pro2col Stingray FTS Cross-Site Scripting Vulnerability
Pro2col StingRay FTS is a file transfer server for Internet communication from Pro2col, UK. A cross-site scripting vulnerability exists in Pro2col Stingray FTS: manipulation of the Username parameter can lead to cross-site scripting...
TIBCO Security Advisory: March 30, 2022 - TIBCO Managed File Transfer Platform Server -2022-22772
TIBCO Managed File Transfer Platform Server Remote Code Execution Vulnerability Original release date: March 30, 2022 Last revised: --- CVE-2022-22772 Source: TIBCO Software Inc. Products Affected TIBCO Managed File Transfer Platform Server for UNIX versions 8.1.0 and below TIBCO Managed File...
A vulnerability in the RouterOS operating system in MikroTik routers allows an attacker to cause a service failure.
The vulnerability in the RouterOS operating system for MikroTik routers is that operations are performed outside the bounds of a buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure through a specially crafted FTP request...
SolarWinds Serv-U FTP Server Path Traversal Vulnerability
SolarWinds Serv-U FTP Server is a suite of FTP and MFT file transfer software from the US-based SolarWinds. A path traversal vulnerability exists in SolarWinds Serv-U FTP Server. The vulnerability arises from a failure of a network system or product to properly filter special elements in the path...
CVE-2022-24252
An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file...
CVE-2022-24253
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet...
ASB-A-207057578
In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2020-22845
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DoS) via crafted FTP requests...
Mikrotik RouterOS Security Vulnerability
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A security vulnerability exists in Mikrotik RouterOS 6.47 that allows an unauthenticated attacker to cause a denia...
ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host
Ruby's Net::FTP module trusted the IP address included in the FTP server's response to the PASV command. A malicious FTP server could use this to make Ruby applications using the Net::FTP module to connect to arbitrary hosts and use this to perform port scanning or information extraction from...