PT-2026-7921

FTP Navigator 8.03 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler SEH registers. Attackers can craft a malicious payload that triggers a buffer overflow when pasted into the Custom Command textbox, enabling remot...

Open TFTP Server MultiThreaded 安全漏洞

Open TFTP Server MultiThreaded is a TFTP protocol file transfer tool developed by achaldhir as an individual developer. Version 1.7 of Open TFTP Server MultiThreaded contains a security vulnerability. This vulnerability stems from a heap buffer overflow in the processRequest function, which may...

PT-2026-7601

BlackMoon FTP Server 3.1.2.1731 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to insert malicious code that would execute with...

libssh 安全漏洞

libssh is a C-language development package from the libssh organization, designed for accessing SSH services. It can execute remote commands, transfer files, and provide a secure transmission channel for remote programs. libssh has a security vulnerability that stems from malformed SFTP messages,...

libssh 安全漏洞

libssh is a C-language development package from the libssh organization that allows access to SSH services. It can execute remote commands, transfer files, and provide a secure transmission channel for remote programs. libssh has a security vulnerability, which stems from improper handling of...

CVE-2020-37155 Core FTP Lite 1.3 - Denial of Service (PoC)

Core FTP Lite 1.3 contains a buffer overflow vulnerability in the username input field that allows attackers to crash the application by supplying oversized input. Attackers can generate a 7000-byte payload of repeated 'A' characters to trigger an application crash without requiring additional...

Odin Secure FTP Expert 安全漏洞

Odin Secure FTP Expert is an FTP client software developed by Odin Secure Corporation. Version 7.6.3 of Odin Secure FTP Expert contains a security vulnerability, which stems from improper handling of site information fields, potentially leading to application crashes...

Wing FTP Server 代码问题漏洞

Wing FTP Server is an open-source, cross-platform FTP server software developed by Wing FTP Server. Version 6.0.7 of Wing FTP Server has a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code and gain system privileges...

CVE-2019-25267 Wing FTP Server 6.0.7 - Unquoted Service Path

Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...

CVE-2026-25055

n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to files being written to unintended locations on those...

CVE-2020-37068

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the LIST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

CVE-2020-37069

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the NLST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

CVE-2020-37069

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the NLST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

CVE-2020-37069

Konica Minolta FTP Utility 1.0 has a buffer overflow in the NLST command. An oversized input (1500 'A' characters) can crash the FTP server and potentially allow unauthorized code execution. This affects the NLST handling in Konica Minolta FTP Utility 1.0 and is reported with high impact (availab...

PT-2026-5820

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the NLST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

Konica Minolta FTP Utility 安全漏洞

Konica Minolta FTP Utility is a scanning software developed by Konica Minolta, Inc. in Japan. Version 1.0 of Konica Minolta FTP Utility contains a security vulnerability, which stems from a buffer overflow in the NLST command. This vulnerability may allow unauthorized code to be executed...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1207)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-50951

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

EUVD-2022-55946

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

CVE-2022-50951

WiFi File Transfer 1.0.8 has a persistent cross-site scripting (XSS) vulnerability via the web server input validation. Attackers can inject malicious scripts through file or folder names, leading to arbitrary JavaScript execution when users preview infected file paths and potentially compromisin...