Lucene search
K

3503 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/18 7:33 a.m.2 views

CVE-2026-22318

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

4.9CVSS6.2AI score0.00339EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/18 7:33 a.m.26 views

CVE-2026-22318 Stack-Based Buffer Overflow in File Transfer Parameter Handling

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

4.9CVSS0.00339EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/18 7:33 a.m.3 views

CVE-2026-22318 Stack-Based Buffer Overflow in File Transfer Parameter Handling

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

4.9CVSS6.2AI score0.00339EPSS
Exploits0References1
CVE
CVE
added 2026/03/18 7:33 a.m.13 views

CVE-2026-22318

CVE-2026-22318 describes a stack-based buffer overflow in the device’s file transfer parameter workflow. A high-privilege attacker can send oversized POST parameters, leading to memory corruption in an internal process and a DoS condition. The affected component is the file transfer parameter han...

4.9CVSS6.2AI score0.00339EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/18 7:33 a.m.6 views

CVE-2026-22316

A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack...

6.5CVSS6AI score0.00378EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.4 views

PT-2026-26034

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

4.9CVSS6.3AI score0.00339EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.5 views

PT-2026-26032

CVE-2026-22316 A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting … https://t.co/Wf4fwn1VYa...

6.5CVSS6AI score0.00378EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.10 views

PHOENIX CONTACT FL NAT 安全漏洞

PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by the German company PHOENIX CONTACT. There is a security vulnerability in PHOENIX CONTACT FL NAT, which stems from a stack-based buffer overflow in the device file transfer parameter workflow. This vulnerability could...

4.9CVSS6.1AI score0.00339EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/03/17 8:1 a.m.5 views

SFTP root escape via component-agnostic prefix check in ssh_sftpd

...

5.4CVSS5.8AI score0.00363EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/16 5:32 p.m.6 views

SUSE CVE-2026-23942

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...

5.4CVSS5.7AI score0.00363EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2026-12071

IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...

5.1CVSS5.8AI score0.00205EPSS
Exploits0References2
OSV
OSV
added 2026/03/16 10:57 a.m.5 views

USN-8093-1 libssh vulnerability

It was discovered that libssh incorrectly performed bounds checking when processing SFTP extensions. If a client application queried extension data out of bounds, it could cause the application to crash, resulting in a denial of service, or exhibit unintended behavior...

7.5CVSS7.1AI score0.00631EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/16 1:32 a.m.1 views

CVE-2026-4205

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...

6.5CVSS5.5AI score0.035EPSS
Exploits1References8Affected Software20
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.14 views

PX4-Autopilot 安全漏洞

PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions prior to PX4-Autopilot 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities stemmed from logical errors in the FTP session verification of PX4 Autopilot MAVLink. As a result, unverified attackers cou...

6.5CVSS5.8AI score0.00387EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

IBM CICS Transaction Gateway for Multiplatforms 访问控制错误漏洞

IBM CICS Transaction Gateway for Multiplatforms is a transaction gateway software developed by the American multinational company International Business Machines IBM. Versions 9.3 and 10.1 of IBM CICS Transaction Gateway for Multiplatforms contain access control vulnerability issues. These...

7.1CVSS5.8AI score0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.5 views

PX4-Autopilot 路径遍历漏洞

PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions prior to PX4-Autopilot 1.17.0-rc2 contained a path traversal vulnerability. This vulnerability stemmed from unvalidated path traversal in the PX4 Autopilot’s MAVLink FTP implementation, allowing any MAVLink peer to...

6.8CVSS6AI score0.00476EPSS
Exploits1References1
OSV
OSV
added 2026/03/15 5:53 a.m.5 views

OESA-2026-1563 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2CVSS5.9AI score0.00582EPSS
Exploits0References4
OSV
OSV
added 2026/03/15 5:53 a.m.5 views

OESA-2026-1562 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2CVSS5.9AI score0.00582EPSS
Exploits0References6
OSV
OSV
added 2026/03/15 5:53 a.m.4 views

OESA-2026-1561 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2CVSS5.9AI score0.00582EPSS
Exploits0References6
OSV
OSV
added 2026/03/15 5:53 a.m.3 views

OESA-2026-1559 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2CVSS6.1AI score0.00582EPSS
Exploits0References6
Rows per page
Query Builder