Lucene search
K

3503 matches found

OSV
OSV
added 2026/03/15 5:53 a.m.4 views

OESA-2026-1558 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2CVSS6.1AI score0.00582EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/03/14 6:28 p.m.128 views

Exploit for Classic Buffer Overflow in Freefloat Freefloat_Ftp_Server

Explotando-FreeFloatFTP-CVE-2025-55...

9.8CVSS5.8AI score0.10139EPSS
Exploits12
GithubExploit
GithubExploit
added 2026/03/14 1:40 p.m.104 views

comp5003-sweeny-pentest

COMP5003: Sweeny Barbers Penetration Test Full ethical hackin...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/13 9:20 p.m.5 views

CVE-2026-32713

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect boolean logic && instead of ||, allowing BurstReadFile and WriteFile operations to proceed with invalid sessions or closed file descriptors...

4.3CVSS5.8AI score0.00387EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/13 9:20 p.m.7 views

CVE-2026-32713 PX4 Autopilot MAVLink FTP Session Validation Logic Error Allows Operations on Invalid File Descriptors

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect boolean logic && instead of ||, allowing BurstReadFile and WriteFile operations to proceed with invalid sessions or closed file descriptors...

4.3CVSS5.8AI score0.00387EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/13 9:19 p.m.32 views

CVE-2026-32709 PX4 Autopilot MAVLink FTP Unauthenticated Path Traversal (Arbitrary File Read/Write/Delete)

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, An unauthenticated path traversal vulnerability in the PX4 Autopilot MAVLink FTP implementation allows any MAVLink peer to read, write, create, delete, and rename arbitrary files on the flight controller filesystem withou...

5.4CVSS0.00476EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 8:11 p.m.2 views

CVE-2026-0977

IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...

5.1CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/13 8:11 p.m.32 views

CVE-2026-0977 IBM CICS Transaction Gateway for Multiplatforms Information Disclosure

IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...

5.1CVSS0.00205EPSS
Exploits0References1
OSV
OSV
added 2026/03/13 9:11 a.m.8 views

EEF-CVE-2026-23942 SFTP root escape via component-agnostic prefix check in ssh_sftpd

Summary Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.5 views

PT-2026-25394

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, An unauthenticated path traversal vulnerability in the PX4 Autopilot MAVLink FTP implementation allows any MAVLink peer to read, write, create, delete, and rename arbitrary files on the flight controller filesystem withou...

5.4CVSS5.9AI score0.00476EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.4 views

PT-2026-25371

CVE-2026-0977 IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls. https://t.co/mXB9t9PNuK...

5.1CVSS5.8AI score0.00205EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.9 views

PT-2026-25395

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect boolean logic && instead of ||, allowing BurstReadFile and WriteFile operations to proceed with invalid sessions or closed file descriptors...

4.3CVSS5.8AI score0.00387EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/12 2:22 p.m.4 views

EUVD-2026-11377

Copyparty ftp/sftp: Sharing a single file did not fully restrict source-folder access...

2.3CVSS5.8AI score0.00274EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/12 2:22 p.m.8 views

Copyparty ftp/sftp: Sharing a single file did not fully restrict source-folder access

There was a missing permission-check in the shares feature the shr global-option. This vulnerability only applies in the following scenario: The shares feature is used for the specific purpose of creating a share of just a single file inside a folder Either the FTP or SFTP server is enabled, and...

6.5CVSS5.8AI score0.00274EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/03/11 10:40 p.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the shares feature when a single file is shared inside a folder and either the FTP or SFTP server is enabled and publicly accessible. An attacker can gain unauthorized read access to other files within the sam...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References2
NVD
NVD
added 2026/03/11 9:16 p.m.4 views

CVE-2026-32108

Copyparty is a portable file server. Prior to 1.20.12, there was a missing permission-check in the shares feature the shr global-option. This vulnerability only applies when the shares feature is used for the specific purpose of creating a share of just a single file inside a folder or either the...

6.5CVSS0.00274EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 9:16 p.m.9 views

PYSEC-2026-31

Copyparty is a portable file server. Prior to 1.20.12, there was a missing permission-check in the shares feature the shr global-option. This vulnerability only applies when the shares feature is used for the specific purpose of creating a share of just a single file inside a folder or either the...

6.5CVSS5.8AI score0.00274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 8:14 p.m.3 views

CVE-2026-32108 Copyparty ftp/sftp: Sharing a single file did not fully restrict source-folder access

Copyparty is a portable file server. Prior to 1.20.12, there was a missing permission-check in the shares feature the shr global-option. This vulnerability only applies when the shares feature is used for the specific purpose of creating a share of just a single file inside a folder or either the...

2.3CVSS5.8AI score0.00274EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 8:14 p.m.4 views

CVE-2026-32108

Copyparty is a portable file server. Prior to 1.20.12, there was a missing permission-check in the shares feature the shr global-option. This vulnerability only applies when the shares feature is used for the specific purpose of creating a share of just a single file inside a folder or either the...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/11 8:14 p.m.31 views

CVE-2026-32108 Copyparty ftp/sftp: Sharing a single file did not fully restrict source-folder access

Copyparty is a portable file server. Prior to 1.20.12, there was a missing permission-check in the shares feature the shr global-option. This vulnerability only applies when the shares feature is used for the specific purpose of creating a share of just a single file inside a folder or either the...

2.3CVSS0.00274EPSS
Exploits0References1
Rows per page
Query Builder