898 matches found
shellshocker-pocs
This is a collection of Proof of Concepts PoCs and potential targets for the ShellShocker vulnerability. The PoCs are designed to exploit the vulnerability in various products and services, including XMPP ejabberd, Mailman, MySQL, NFS, Bind9, FTP, and others. The PoCs are primarily focused on...
Security Bulletin: SSH servers which implement file transfer protocols are vulnerable, which affects IBM watsonx.data
Summary UsSSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. These can affect watsonx.data. Vulnerability Detail...
CVE-2025-7426
The CVE-2025-7426 entry relates to MINOVA TTA, where the FTP credentials are exposed through the debug port 1604 on the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account and could enable data manipulation or extraction in automated processes (EDI/data integrat...
MINOVA TTA 安全漏洞
MINOVA TTA is an automated oil loading and unloading system from MINOVA, Germany. A security vulnerability exists in MINOVA TTA that originates from the exposure of FTP credentials on debug port 1604, which could lead to unauthenticated remote access and data disclosure...
Linux Distros Unpatched Vulnerability : CVE-2010-4756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The glob implementation in the GNU C Library aka glibc or libc6 allows remote authenticated users to cause a denial of service CPU and memory consumption via...
CVE-2010-20108
FTPPad = 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate...
CVE-2010-20122 Xftp FTP Client <= 3.0 PWD Response Buffer Overflow
Xftp FTP Client version up to and including 3.0 build 0238 contain a stack-based buffer overflow vulnerability triggered by a maliciously crafted PWD response from an FTP server. When the client connects to a server and receives an overly long directory string in response to the PWD command, the...
CVE-2010-20034
Gekko Manager FTP Client = 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename can overwrite the...
CVE-2010-20108
CVE-2010-20108 affects FTPPad
CVE-2010-20107
CVE-2010-20107 describes a stack-based buffer overflow in FTP Synchronizer Professional prior to or equal to 4.0.73.274. When the client issues a LIST command, a server response containing an overly long filename can overflow the buffer and corrupt the Structured Exception Handler (SEH), potentia...
PT-2025-34306 · Ftppad · Ftppad
Name of the Vulnerable Software and Affected Versions: FTPPad versions prior to 1.3.0 Description: FTPPad contains a stack-based buffer overflow in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessive...
PT-2025-34305 · Unknown · Ftp Synchronizer Professional
Name of the Vulnerable Software and Affected Versions: FTP Synchronizer Professional versions prior to 4.0.73.274 Description: A stack-based buffer overflow exists in FTP Synchronizer Professional when the client connects to an FTP server and issues a LIST command. A server response containing an...
CVE-2010-20049
LeapFTP 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application fails to properly bound-check the input and overwrites the Structured Exception Handler SEH chain...
CVE-2010-20103
ProFTPD 1.3.3c contains a backdoor in its source tarball (Nov 28–Dec 2, 2010) enabling a hidden FTP command trigger that executes arbitrary shell commands as root. This is a remote, unauthenticated escalation. Remediate by upgrading to ProFTPD 1.3.3d or newer (per connected SNYK advisory).
CVE-2010-20045
FileWrangler = 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires...
CVE-2025-6625
CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device...
OSV-2025-657 Heap-use-after-free in ftp_pp_statemachine
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=439473053 Crash type: Heap-use-after-free READ 8 Crash state: ftpppstatemachine ftpdoing multirunsingle...
CursorArts FileWrangler 安全漏洞
CursorArts FileWrangler is a file management program from CursorArts, Inc. A security vulnerability exists in CursorArts FileWrangler 5.30 and earlier versions, which stems from a stack-based buffer overflow when parsing FTP server directory listings, and could lead to the execution of arbitrary...
CVE-2025-6625
CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device...
CVE-2025-6625
CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device...