
3504 matches found

ATTACKERKB
added 2026/03/22 1:38 p.m., 2 views

CVE-2019-25619

FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Attackers can inject shellcode through the account name parameter in the Manage FTP Accounts dialog to overwrite t...

CVSS 8.6, AI score 6.4, EPSS 0.00214
Exploits: 1, References: 3, Affected Software: 1
ATTACKERKB
added 2026/03/22 1:38 p.m., 3 views

CVE-2019-25614

Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized payload. Attackers can authenticate with anonymous credentials and send a malicious STOR command...

CVSS 9.8, AI score 6.9, EPSS 0.00946
Exploits: 1, References: 3, Affected Software: 1
Cvelist
added 2026/03/22 12:11 a.m., 32 views

CVE-2019-25587 BulletProof FTP Server 2019.0.0.50 Storage-Path Denial of Service

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting and paste a buffer o...

CVSS 6.9, EPSS 0.00177
Exploits: 1, References: 4
CNNVD
added 2026/03/22 12:00 a.m., 6 views

Free Float FTP Buffer Error Vulnerability

Free Float FTP is an FTP server software developed by Free Float Corporation. Version 1.0 of Free Float FTP contains a buffer overflow vulnerability. This vulnerability stems from the STOR command processor’s buffer overflow issue, which may allow remote attackers to execute arbitrary code by...

CVSS 9.8, AI score 6.5, EPSS 0.00946
Exploits: 1, References: 3
NVD
added 2026/03/20 11:16 p.m., 9 views

CVE-2026-32733

Halloy is an IRC application written in Rust. Prior to commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6, the DCC receive flow did not sanitize filenames from incoming DCC SEND requests. A remote IRC user could send a filename with path traversal sequences like ../../.ssh/authorized_keys and the fil...

CVSS 8.7, EPSS 0.00399
Exploits: 1, References: 2
Vulnrichment
added 2026/03/20 10:37 p.m., 3 views

CVE-2026-32733 Halloy has a file transfer path traversal vulnerability

Halloy is an IRC application written in Rust. Prior to commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6, the DCC receive flow did not sanitize filenames from incoming DCC SEND requests. A remote IRC user could send a filename with path traversal sequences like ../../.ssh/authorized_keys and the fil...

CVSS 8.7, AI score 5.9, EPSS 0.00399
Exploits: 1, References: 2
OSV
added 2026/03/20 2:24 p.m., 5 views

OESA-2026-1666 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP...

CVSS 9.4, AI score 5.8, EPSS 0.00644
Exploits: 0, References: 4
SUSE Linux
added 2026/03/20 7:46 a.m., 3 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2026-3731: Denial of Service via out-of-bounds read in SFTP extension name handler bsc1259377. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternative...

CVSS 6.9, AI score 6, EPSS 0.00631
Exploits: 0, References: 4
OSV
added 2026/03/19 2:59 p.m., 6 views

CLSA-2026-1773932358 libssh: Fix of CVE-2026-3731

Fix CVE-2026-3731: out-of-bounds read in SFTP extension name handler...

CVSS 7.5, AI score 6.2, EPSS 0.00631
Exploits: 0, References: 1
OSV
added 2026/03/19 11:23 a.m., 5 views

SUSE-SU-2026:20767-1 Security update for libssh

This update for libssh fixes the following issue: - CVE-2026-3731: Denial of Service via out-of-bounds read in SFTP extension name handler bsc1259377...

CVSS 7.5, AI score 6, EPSS 0.00631
Exploits: 0, References: 3
Amazon
added 2026/03/19 12:00 a.m., 10 views

Medium: gvfs

Issue Overview: A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint,...

CVSS 4.3, AI score 6.4, EPSS 0.0036
Exploits: 2
Tenable Nessus
added 2026/03/19 12:00 a.m., 6 views

SUSE SLES15 Security Update : gvfs (SUSE-SU-2026:0923-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0923-1 advisory. - CVE-2026-28295: Fix ftp use control connection address for PASV data bsc1258953. - CVE-2026-28296: Fix ftp reject paths containin...

CVSS 4.3, AI score 5.9, EPSS 0.0036
Exploits: 2, References: 7
EUVD
added 2026/03/18 11:26 p.m., 5 views

EUVD-2026-13003

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVSS 6.5, AI score 5.9, EPSS 0.00365
Exploits: 3, References: 2
EUVD
added 2026/03/18 9:30 a.m., 6 views

EUVD-2026-12789

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...

CVSS 6.5, AI score 6.2, EPSS 0.00317
Exploits: 0, References: 2
EUVD
added 2026/03/18 9:30 a.m., 3 views

EUVD-2026-12787

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

CVSS 4.9, AI score 6.2, EPSS 0.00339
Exploits: 0, References: 2
SUSE Linux
added 2026/03/18 9:15 a.m., 10 views

Security update for gvfs

This update for gvfs fixes the following issues: CVE-2026-28295: Fix ftp use control connection address for PASV data bsc1258953. CVE-2026-28296: Fix ftp reject paths containing CR/LF characters bsc1258954. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

CVSS 7.3, AI score 5.7, EPSS 0.0036
Exploits: 2, References: 8
NVD
added 2026/03/18 8:16 a.m., 9 views

CVE-2026-22320

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...

CVSS 6.5, EPSS 0.00317
Exploits: 0, References: 1
NVD
added 2026/03/18 8:16 a.m., 8 views

CVE-2026-22318

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

CVSS 4.9, EPSS 0.00339
Exploits: 0, References: 1
Vulnrichment
added 2026/03/18 7:34 a.m., 4 views

CVE-2026-22320 Stack-Based Buffer Overflow in TFTP File-Transfer Command Handling over CLI

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...

CVSS 6.5, AI score 6.2, EPSS 0.00317
Exploits: 0, References: 1
Cvelist
added 2026/03/18 7:34 a.m., 25 views

CVE-2026-22320 Stack-Based Buffer Overflow in TFTP File-Transfer Command Handling over CLI

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...

CVSS 6.5, EPSS 0.00317
Exploits: 0, References: 1