Lucene search
K

3503 matches found

Fedora
Fedora
added 2026/02/18 12:56 a.m.9 views

[SECURITY] Fedora 42 Update: libssh-0.11.4-1.fc42

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

8.2CVSS5.6AI score0.00582EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.8 views

NFTP 安全漏洞

NFTP is a file transfer tool developed by Sergey V. Ayukov. Version 1.71 of NFTP contains a security vulnerability; this vulnerability stems from a buffer overflow in the handling of the SYST command, which could allow remote attackers to execute arbitrary code...

9.8CVSS6.4AI score0.00638EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2026/02/18 12:0 a.m.198 views

📄 pfSense Ultimate Exploit Framework

This Python script is an exploitation framework targeting two authenticated remote code execution vulnerabilities in pfSense. One exploit vector is an unsafe deserialization in pfSense CE version 2.7.2 and another is related to XMLRPC execphp abuse in pfSense CE version 2.8.0...

6.6AI score0.00634EPSS
Exploits5
Github Security Blog
Github Security Blog
added 2026/02/17 9:27 p.m.7 views

emp3r0r Affected by Concurrent Map Access DoS (panic/crash)

Summary Multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process crash availability loss. Vulnerable Componentwith code examples Operator relay map h...

7.5CVSS5.5AI score0.00291EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/02/17 9:27 p.m.3 views

GHSA-F5P9-J34Q-PWCC emp3r0r Affected by Concurrent Map Access DoS (panic/crash)

Summary Multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process crash availability loss. Vulnerable Componentwith code examples Operator relay map h...

7CVSS5.5AI score0.00291EPSS
Exploits1References5
GithubExploit
GithubExploit
added 2026/02/17 8:43 p.m.141 views

Startup

Startup – Professional Write-up Platform: TryHackMe Tar...

6.8AI score
Exploits0
Snyk
Snyk
added 2026/02/17 5:15 p.m.3 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration that allows several server functions to execute in an SFTP session after the user account has been deleted or its password changed. A user can maintain unexpected access to the server by keeping an SFTP...

7.5CVSS5.6AI score
Exploits0References3
Snyk
Snyk
added 2026/02/17 5:15 p.m.5 views

Insufficient Session Expiration

Overview pterodactyl/panel is a game management panel. Affected versions of this package are vulnerable to Insufficient Session Expiration that allows several server functions to execute in an SFTP session after the user account has been deleted or its password changed. A user can maintain...

7.5CVSS5.7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/02/17 5:15 p.m.19 views

Pterodactyl Panel's SFTP sessions remain active after user account deletion or password change

Summary Deleting a user account with SFTP access or changing the user's password does not immediately terminate existing SFTP sessions, allowing continued filesystem access after credentials are revoked. This can result in unintended and unauthorized access to server files even after administrato...

5.5AI score
Exploits0References4Affected Software2
OSV
OSV
added 2026/02/17 5:15 p.m.4 views

GHSA-HR7J-63V7-VJ7G Pterodactyl Panel's SFTP sessions remain active after user account deletion or password change

Summary Deleting a user account with SFTP access or changing the user's password does not immediately terminate existing SFTP sessions, allowing continued filesystem access after credentials are revoked. This can result in unintended and unauthorized access to server files even after administrato...

7.5CVSS5.5AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.6 views

PT-2026-20338

Name of the Vulnerable Software and Affected Versions emp3r0r versions prior to 3.21.2 Description The software accesses multiple shared maps without consistent synchronization across goroutines. Concurrent activity can trigger a fatal error: concurrent map read and map write, leading to a C2...

9.9CVSS5.5AI score0.27661EPSS
Exploits45References116
Fedora
Fedora
added 2026/02/13 1:28 a.m.7 views

[SECURITY] Fedora 43 Update: libssh-0.11.4-1.fc43

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

8.2CVSS5.7AI score0.00582EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/02/13 12:0 a.m.7 views

CVE-2026-0968

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.1CVSS6.4AI score0.00442EPSS
Exploits0References4
OSV
OSV
added 2026/02/12 11:16 p.m.3 views

CVE-2019-25329

FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler SEH with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger ...

7.5CVSS5.8AI score0.00429EPSS
Exploits1References3
CVE
CVE
added 2026/02/12 10:48 p.m.9 views

CVE-2019-25332

FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows arbitrary code execution by overwriting the EIP register through a crafted command input; a 4108-byte payload can overwrite memory and execute shellcode. CVSS metrics indicate impact and exploitability (CVSS v4.0: ba...

8.4CVSS6.8AI score0.0025EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/12 10:48 p.m.4 views

CVE-2019-25329 FTP Navigator 8.03 - 'Custom Command' Denial of Service (SEH)

FTP Navigator 8.03 contains a denial of service vulnerability that allows attackers to crash the application by overwriting Structured Exception Handler SEH with malicious input. Attackers can generate a payload of 4108 'A' characters followed by 4 'B' characters and 40 'C' characters to trigger ...

7.5CVSS5.6AI score0.00429EPSS
Exploits1References3
CVE
CVE
added 2026/02/12 10:48 p.m.14 views

CVE-2019-25321

CVE-2019-25321 affects FTP Navigator 8.03, where a stack overflow can be triggered by crafting a payload into the Custom Command textbox, allowing an attacker to overwrite Structured Exception Handler (SEH) registers and execute arbitrary code. The PoC demonstrates remote code execution, with a c...

9.8CVSS7.1AI score0.00669EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.6 views

PT-2026-7931

FTP Commander Pro 8.03 contains a local stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting the EIP register through a custom command input. Attackers can craft a malicious payload of 4108 bytes to overwrite memory and execute shellcode, demonstrating remot...

8.4CVSS6.8AI score0.0025EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/12 12:0 a.m.23 views

CVE-2025-67433

A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...

0.00391EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.3 views

PT-2026-7890

Name of the Vulnerable Software and Affected Versions Open TFTP Server MultiThreaded version 1.7 Description A heap buffer overflow exists in the processRequest function of Open TFTP Server MultiThreaded. This issue can be triggered by sending a crafted DATA packet, potentially leading to a Denia...

5.7AI score0.00391EPSS
Exploits0References6
Rows per page
Query Builder