WePresent file_transfer.cgi Remote Command Execution
Binary data barcowepresentrce.nbin...
CVE-2019-9806
A vulnerability exists during authorization prompting for FTP transaction where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DoS) attack. This vulnerability affects Firefox 66...
CVE-2019-9809
If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for a denial of service (DoS) attack. This...
CVE-2019-9807
When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for social engineering attacks. This vulnerability affects Firefox 66...
SUSE-SU-2019:14030-1 Security update for openssh
This update for openssh fixes the following issues. Security vulnerabilities addressed: - CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers (bsc#1121816). -...
Design/Logic Flaw
Content Hub before version 0.0+15.04.20150331-0ubuntu1.0: the DBUS API only requires a file path for a content item; it doesn't actually require the confined app have access to the file to create a transfer. This could allow a malicious application using the DBUS API to export file:///etc/passwd which...
CVE-2015-1327
Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 is vulnerable to an information disclosure via DBUS API where a confined app passes a file path and a malicious actor could cause a transfer of file:///etc/passwd to another app. Root cause: the DBUS API does not require the confined app to...
SUSE-SU-2019:0941-1 Security update for openssh
This update for openssh fixes the following issues. Security vulnerabilities addressed: - CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers (bsc#1121816). -...
PT-2019-11348 · Jenkins · Jenkins Ftp Publisher Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins FTP publisher Plugin (affected versions not specified). Description: A cross-site request forgery issue exists in the FTPPublisher.DescriptorImpl#doLoginCheck method, allowing attackers to initiate a connection to an attacker-specified...
PT-2019-11349 · Jenkins · Jenkins Ftp Publisher Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins FTP publisher Plugin (affected versions not specified). Description: A missing permission check in the FTPPublisher.DescriptorImpl#doLoginCheck method allows attackers with Overall/Read permission to initiate a connection to an...
Synology Router Manager Command Injection Vulnerability (CNVD-2019-08959)
Synology Router Manager (SRM) is a software for configuring and managing Synology routers from Synology Inc. of Taiwan, China. A command injection vulnerability exists in ftpd in Synology SRM versions prior to 1.1.7-6941-1. The vulnerability, which originates from a failure of a network system or...
Synology DiskStation Manager Command Injection Vulnerability (CNVD-2019-08956)
Synology DiskStation Manager (DSM) is an operating system for use on Network Storage Servers (NAS) from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A command injection vulnerability exists in ftpd in Synology DSM versions pri...
CVE-2018-13284
Command injection vulnerability in ftpd in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command...
[SECURITY] [DLA 1728-1] openssh security update
Package: openssh; Version: 1:6.7p1-5+deb8u8; CVE ID: CVE-2018-20685 CVE-2019-6109 CVE-2019-6111; Debian Bug: 793412 919101 923486. Multiple scp client vulnerabilities have been discovered in OpenSSH, the premier connectivity tool for secure remote shell login and secure file transfer...
[SECURITY] Fedora 29 Update: filezilla-3.41.2-1.fc29
FileZilla is an FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) - Cross-platform - Available in many languages - Supports resume and transfer of large files 4GB - Easy to use Site Manager and transfer queue - Dr...
Code injection
The SHAREit application before 4.0.42 for Android allows a remote attacker on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated to download arbitrary files from the device including contacts, photos, videos, sound clips, etc. The...
Authentication flaw
The SHAREit application before 4.0.36 for Android allows a remote attacker on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated to bypass authentication by trying to fetch a non-existing page. When the non-existing page is requeste...
CVE-2019-9938
The SHAREit application before 4.0.42 for Android allows a remote attacker on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated to download arbitrary files from the device including contacts, photos, videos, sound clips, etc. The...
CVE-2019-9939
The SHAREit application before 4.0.36 for Android allows a remote attacker on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated to bypass authentication by trying to fetch a non-existing page. When the non-existing page is requeste...