Lucene search
+L

3898 matches found

CVE
CVE
added 7 hours ago7 views

CVE-2026-41993

TXOne Networks CVE-2026-41993 involves an Improper Access Control in the Removable Media Validation function. A local attacker with administrator privileges can bypass the file lockdown mechanism, enabling unauthorized file transfers to the victim device. Affected versions: SafePortAgent prior to...

6.7CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-45138

Improper Access Control vulnerability in the Removable Media Validation function of TXOne Networks products allows a local attacker with administrator privileges to bypass the file lockdown mechanism, resulting in unauthorized file transfer to the victim device. The attacker needs to deploy...

6.7CVSS6.1AI score
Exploits0References1
Nuclei
Nuclei
added yesterday17 views

WS_FTP Server - Insecure Deserialization

In WSFTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WSFTP Server operating system. id: CVE-2023-40044 info: name: WSFTP Server - Insecure...

10CVSS7.2AI score0.9015EPSS
Exploits5References5
NVD
NVD
added 3 days ago3 views

CVE-2026-49172

Heap-based buffer overflow in Windows FTP Service allows an unauthorized attacker to execute code over a network...

9.8CVSS0.00674EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 3 days ago3 views

KB5099540: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (July 2026)

The remote Windows host is missing security update 5099540. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows FTP Service...

9.9CVSS7.1AI score0.07356EPSS
Exploits3References326
Tenable Nessus
Tenable Nessus
added 3 days ago5 views

KB5099538: Windows 10 version 1809 / Windows Server 2019 Security Update (July 2026)

The remote Windows host is missing security update 5099538. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows FTP Service...

9.9CVSS7.1AI score0.07356EPSS
Exploits3References312
Tenable Nessus
Tenable Nessus
added 3 days ago5 views

KB5099536: Windows Server 2025 Security Update (July 2026)

The remote Windows host is missing security update 5099536. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows FTP Service...

9.9CVSS7.1AI score0.07356EPSS
Exploits3References389
Tenable Nessus
Tenable Nessus
added 4 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-15146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that...

5.9CVSS6.2AI score0.00121EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-59996

A flaw was found in OpenSSH, a widely used tool for secure remote access. When a user attempts to copy files between two different remote systems using the scp command, the file might be incorrectly placed in a directory above the intended destination. This unintended file placement could lead to...

5.4CVSS6AI score0.00241EPSS
Exploits0References6
OSV
OSV
added last week6 views

CVE-2026-57850 RustDesk before 1.4.9 Missing Session Scope Enforcement Allows Out-of-Scope Control Message Injection

RustDesk before 1.4.9 does not enforce a session's authorized connection scope on the server side, so a peer granted a limited session type FileTransfer, PortForward, ViewCamera, or Terminal can send control messages and login options reserved for a full Remote session. An authenticated remote pe...

8.7CVSS6.1AI score0.00334EPSS
Exploits0References6
CVE
CVE
added last week17 views

CVE-2026-57850

RustDesk before 1.4.9 fails to enforce a session’s authorized connection scope on the server side. A peer with a limited session type (FileTransfer, PortForward, ViewCamera, or Terminal) can send control messages and login options intended for a full Remote session, enabling actions outside its g...

8.7CVSS6.1AI score0.00334EPSS
Exploits0References4
NVD
NVD
added last week8 views

CVE-2026-15146

GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s data connection to an arbitrary IP address and port. This allows an...

5.9CVSS0.00121EPSS
Exploits0References3
OSV
OSV
added last week3 views

UBUNTU-CVE-2026-15146

GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s data connection to an arbitrary IP address and port. This allows an...

5.9CVSS6.2AI score0.00121EPSS
Exploits0References5
Metasploit
Metasploit
added last week22 views

FTP Fetch, Windows Reverse HTTP Stager (winhttp)

Fetch and execute an x86 payload from an FTP server. Tunnel communication over HTTP Windows winhttp Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week30 views

FTP Fetch, Windows Executable Download (http,https,ftp) and Execute

Fetch and execute an x86 payload from an FTP server. Download an EXE from an HTTPS/FTP URL and execute it Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week30 views

FTP Fetch, Windows x86 Reverse Named Pipe (SMB) Stager

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker via a named pipe pivot Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week33 views

FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include Msf::Payload::Adapter::Fetch::FTP includ...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week22 views

FTP Fetch, Windows x64 Reverse TCP Stager

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week27 views

FTP Fetch, Windows Meterpreter Shell, Reverse TCP Inline x64

Fetch and execute an x64 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week18 views

FTP Fetch, Windows shellcode stage, Windows Reverse HTTP Stager (winhttp)

Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Tunnel communication over HTTP Windows winhttp Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule includ...

6.2AI score
Exploits0
Rows per page
Query Builder