
3514 matches found

CNVD
added 2019/12/25 12:0 a.m. · 3 views

Open TFTP Server SP Formatting String Error Vulnerability

Open TFTP Server SP is a file transfer server. A formatting string error vulnerability exists in the 'logMess' function in TFTP Server SP version 1.66 and earlier. The vulnerability originates from a network system or product that receives external formatted strings as parameters with lax filteri...

9.8 CVSS · 6.8 AI score · 0.0436 EPSS
Exploits 0 · References 1

CNVD
added 2019/12/24 12:0 a.m. · 2 views

Open TFTP Server Formatting String Error Vulnerability

Open TFTP Server MT is a file transfer server. A formatting string error vulnerability exists in the 'logMess' function in Open TFTP Server MT version 1.65 and earlier. The vulnerability stems from a network system or product that receives external formatted strings as parameters with lax filteri...

9.8 CVSS · 7 AI score · 0.02257 EPSS
Exploits 0 · References 1

CNVD
added 2019/12/24 12:0 a.m. · 2 views

Open TFTP Server SP 'logMess' Function Buffer Overflow Vulnerability

Open TFTP Server SP is a file transfer server. A buffer overflow vulnerability exists in the 'logMess' function in Open TFTP Server SP version 1.66 and earlier. The vulnerability originates when a network system or product performs an operation in memory without properly validating data boundarie...

9.8 CVSS · 7.4 AI score · 0.02257 EPSS
Exploits 0 · References 1

CNVD
added 2019/12/24 12:0 a.m. · 3 views

Open TFTP Server MT 'logMess' Function Buffer Overflow Vulnerability

Open TFTP Server MT is a file transfer server. A buffer overflow vulnerability exists in the 'logMess' function in Open TFTP Server MT version 1.65 and earlier. The vulnerability stems from a network system or product performing operations in memory without properly validating data boundaries,...

9.8 CVSS · 7.4 AI score · 0.02257 EPSS
Exploits 0 · References 1

Kitploit
added 2019/12/22 2:53 p.m. · 97 views

BetterBackdoor - A Backdoor With A Multitude Of Features

A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by including the...

7.8 AI score
Exploits 0 · References 1

Fedora
added 2019/12/18 1:56 a.m. · 31 views

[SECURITY] Fedora 31 Update: libssh-0.9.3-1.fc31

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

9.3 CVSS · 3.6 AI score · 0.0316 EPSS
Exploits 0

OSV
added 2019/12/17 11:15 p.m. · 4 views

CVE-2019-18257

In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the use...

9.8 CVSS · 8 AI score · 0.02768 EPSS
Exploits 0 · References 1

OSV
added 2019/12/16 9:15 p.m. · 4 views

CVE-2019-13181

A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7...

6.5 CVSS · 6.6 AI score · 0.03233 EPSS
Exploits 2 · References 3

OSV
added 2019/12/13 11:15 p.m. · 2 views

CVE-2019-5255

Certain Huawei products AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981 have a DoS vulnerability. An attacker may send crafted messages from a FTP clie...

5.5 CVSS · 6.1 AI score · 0.00199 EPSS
Exploits 0 · References 1

Carbon Black Blog
added 2019/12/13 4:20 p.m. · 77 views

Threat Analysis Unit (TAU) Threat Intelligence Notification: BlackRemote RAT

BlackRemote is a relatively new commodity RAT discovered in September 2019. Similar to other Remote Access Trojans, it offers typical functionality such as keylogging, remote desktop, file transfer, credential harvesting, and more. Despite the discovery of this RAT being caught early, and while t...

0.8 AI score
Exploits 0

OSV
added 2019/12/13 6:15 a.m. · 2 views

CVE-2019-19782

The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server...

9.8 CVSS · 7.6 AI score · 0.03153 EPSS
Exploits 1 · References 2

BDU FSTEC
added 2019/12/13 12:0 a.m. · 4 views

The vulnerability of the FTP protocol implementation that supports Kerberos authentication, as provided by the libcurl library, relates to the reallocation of memory. This vulnerability allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the FTP protocol implementation that supports Kerberos authentication, when using the libcurl library, is related to a memory reclamation error. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

9.8 CVSS · 6.3 AI score · 0.07266 EPSS
Exploits 0 · References 14 · Affected Software 5

OSV
added 2019/12/12 7:15 p.m. · 4 views

CVE-2019-18342

A vulnerability has been identified in Control Center Server CCS All versions V1.5.0. The SFTP service default port 22/tcp of the Control Center Server CCS does not properly limit its capabilities to the specified purpose. In conjunction with CVE-2019-18341, an unauthenticated remote attacker wit...

9.9 CVSS · 6.7 AI score · 0.02126 EPSS
Exploits 0 · References 2

Positive Technologies
added 2019/12/12 12:0 a.m. · 2 views

PT-2019-15361 · Unknown · Control Center Server

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0 Description: A vulnerability has been identified in the SFTP service of the Control Center Server, which does not properly limit its capabilities. This could allow an unauthenticated remote...

9.9 CVSS · 9.3 AI score · 0.02126 EPSS
Exploits 0 · References 4

Positive Technologies
added 2019/12/12 12:0 a.m. · 9 views

PT-2019-15360 · Bosch · Control Center Server

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0 Description: A vulnerability has been identified in the SFTP service of the Control Center Server, which contains an authentication bypass issue. This allows a remote attacker with network...

5.3 CVSS · 6.3 AI score · 0.01618 EPSS
Exploits 0 · References 4

BDU FSTEC
added 2019/12/11 12:0 a.m. · 6 views

The vulnerability of the FTP server of the EKRA 200 series micro-processor terminal allows a hacker to gain access to arbitrary data in the file system.

The vulnerability of the FTP server of the EKRA 200 series micro-processor terminals is related to security flaws in their mechanisms. Exploiting this vulnerability allows a malicious actor to gain access to arbitrary files on the file system using the RETR command...

7.8 CVSS · 5.6 AI score
Exploits 0 · Affected Software 1

BDU FSTEC
added 2019/12/10 12:0 a.m. · 4 views

The vulnerability of the tftp_receive_packet function in the libcurl library, related to buffer overflow in memory, allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the tftp_receive_packet function in the libcurl library is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

9.8 CVSS · 6.7 AI score · 0.17939 EPSS
Exploits 0 · References 18 · Affected Software 13

NVD
added 2019/11/29 8:15 p.m. · 22 views

CVE-2019-5211

The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly processed, successfully...

5.7 CVSS · 5.6 AI score · 0.00301 EPSS
Exploits 0 · References 1

Prion
added 2019/11/29 8:15 p.m. · 21 views

Design/Logic Flaw

The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly processed, successfully...

4.3 CVSS · 5.6 AI score · 0.00301 EPSS
Exploits 0 · References 1 · Affected Software 1

Check Point Advisories
added 2019/11/26 12:0 a.m. · 2 views

libVNC File Transfer Extension Heap-based Buffer Overflow (CVE-2018-15127)

A heap-based buffer overflow vulnerability has been reported in libVNC. The vulnerability is due to improper validation of the file transfer request by the File Transfer extension. Successful exploitation may result in remote code execution on the target server...

7.5 CVSS · 4.7 AI score · 0.15089 EPSS
Exploits 0