
898 matches found

Gitee
added 2025/09/06 2:57 a.m., 153 views

shellshocker-pocs

This is a collection of Proof of Concepts (PoCs) and potential targets for the ShellShocker vulnerability. The PoCs are designed to exploit the vulnerability in various products and services, including XMPP ejabberd, Mailman, MySQL, NFS, Bind9, FTP, and others. The PoCs are primarily focused on...

8.3 AI score
Exploits: 0

IBM Security Bulletins
added 2025/09/01 2:28 p.m., 7 views

Security Bulletin: SSH servers which implement file transfer protocols are vulnerable, which affects IBM watsonx.data

Summary: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. These can affect watsonx.data. Vulnerability Detail...

7.5 CVSS, 6.6 AI score, 0.00868 EPSS
Exploits: 0, Affected Software: 1

CVE
added 2025/08/25 8:52 a.m., 27 views

CVE-2025-7426

The CVE-2025-7426 entry relates to MINOVA TTA, where the FTP credentials are exposed through the debug port 1604 on the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account and could enable data manipulation or extraction in automated processes (EDI/data integrat...

9.3 CVSS, 7.2 AI score, 0.00343 EPSS
Exploits: 0, References: 2

CNNVD
added 2025/08/25 12:0 a.m., 5 views

MINOVA TTA Security Vulnerability

MINOVA TTA is an automated oil loading and unloading system from MINOVA, Germany. A security vulnerability exists in MINOVA TTA that originates from the exposure of FTP credentials on debug port 1604, which could lead to unauthenticated remote access and data disclosure...

9.3 CVSS, 6.8 AI score, 0.00343 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2025/08/24 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2010-4756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via...

4 CVSS, 7.6 AI score, 0.02633 EPSS
Exploits: 2, References: 2

NVD
added 2025/08/21 9:15 p.m., 4 views

CVE-2010-20108

FTPPad = 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate...

8.4 CVSS, 0.00476 EPSS
Exploits: 0, References: 5

Vulnrichment
added 2025/08/21 8:16 p.m., 8 views

CVE-2010-20122 Xftp FTP Client <= 3.0 PWD Response Buffer Overflow

Xftp FTP Client versions up to and including 3.0 build 0238 contain a stack-based buffer overflow vulnerability triggered by a maliciously crafted PWD response from an FTP server. When the client connects to a server and receives an overly long directory string in response to the PWD command, the...

9.3 CVSS, 8.7 AI score, 0.00947 EPSS
Exploits: 0, References: 5

ATTACKERKB
added 2025/08/21 8:12 p.m., 6 views

CVE-2010-20034

Gekko Manager FTP Client = 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename can overwrite the...

8.5 CVSS, 6.4 AI score, 0.00476 EPSS
Exploits: 0, References: 5

CVE
added 2025/08/21 8:11 p.m., 12 views

CVE-2010-20108

CVE-2010-20108 affects FTPPad

8.4 CVSS, 8.4 AI score, 0.00476 EPSS
Exploits: 0, References: 5

CVE
added 2025/08/21 8:11 p.m., 28 views

CVE-2010-20107

CVE-2010-20107 describes a stack-based buffer overflow in FTP Synchronizer Professional prior to or equal to 4.0.73.274. When the client issues a LIST command, a server response containing an overly long filename can overflow the buffer and corrupt the Structured Exception Handler (SEH), potentia...

8.5 CVSS, 8.6 AI score, 0.00476 EPSS
Exploits: 0, References: 6

Positive Technologies
added 2025/08/21 12:0 a.m., 6 views

PT-2025-34306 · Ftppad · Ftppad

Name of the Vulnerable Software and Affected Versions: FTPPad versions prior to 1.3.0 Description: FTPPad contains a stack-based buffer overflow in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessive...

8.4 CVSS, 7.8 AI score, 0.00476 EPSS
Exploits: 0, References: 7

Positive Technologies
added 2025/08/21 12:0 a.m., 7 views

PT-2025-34305 · Unknown · Ftp Synchronizer Professional

Name of the Vulnerable Software and Affected Versions: FTP Synchronizer Professional versions prior to 4.0.73.274 Description: A stack-based buffer overflow exists in FTP Synchronizer Professional when the client connects to an FTP server and issues a LIST command. A server response containing an...

8.5 CVSS, 7.6 AI score, 0.00476 EPSS
Exploits: 0, References: 8

NVD
added 2025/08/20 4:15 p.m., 6 views

CVE-2010-20049

LeapFTP 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application fails to properly bound-check the input and overwrites the Structured Exception Handler (SEH) chain...

9.3 CVSS, 0.00743 EPSS
Exploits: 0, References: 5

CVE
added 2025/08/20 3:38 p.m., 215 views

CVE-2010-20103

ProFTPD 1.3.3c contains a backdoor in its source tarball (Nov 28–Dec 2, 2010) enabling a hidden FTP command trigger that executes arbitrary shell commands as root. This is a remote, unauthenticated escalation. Remediate by upgrading to ProFTPD 1.3.3d or newer (per connected SNYK advisory).

9.8 CVSS, 7.8 AI score, 0.04753 EPSS
In wild, Exploits: 1, References: 8, Affected Software: 1

ATTACKERKB
added 2025/08/20 3:32 p.m., 5 views

CVE-2010-20045

FileWrangler = 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires...

8.5 CVSS, 6.4 AI score, 0.0032 EPSS
Exploits: 0, References: 5

RedhatCVE
added 2025/08/20 7:38 a.m., 6 views

CVE-2025-6625

CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a specific crafted FTP command is sent to the device...

8.7 CVSS, 7.2 AI score, 0.00455 EPSS
Exploits: 0, References: 1

OSV
added 2025/08/20 12:12 a.m., 6 views

OSV-2025-657 Heap-use-after-free in ftp_pp_statemachine

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=439473053 Crash type: Heap-use-after-free READ 8 Crash state: ftp_pp_statemachine, ftp_doing, multi_runsingle...

7.2 AI score
Exploits: 0, References: 1

CNNVD
added 2025/08/20 12:0 a.m., 2 views

CursorArts FileWrangler Security Vulnerability

CursorArts FileWrangler is a file management program from CursorArts, Inc. A security vulnerability exists in CursorArts FileWrangler 5.30 and earlier versions, which stems from a stack-based buffer overflow when parsing FTP server directory listings, and could lead to the execution of arbitrary...

8.5 CVSS, 7.3 AI score, 0.0032 EPSS
Exploits: 0, References: 7

NVD
added 2025/08/18 7:15 a.m., 4 views

CVE-2025-6625

CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a specific crafted FTP command is sent to the device...

8.7 CVSS, 0.00455 EPSS
Exploits: 0, References: 1

Cvelist
added 2025/08/18 6:58 a.m., 9 views

CVE-2025-6625

CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a specific crafted FTP command is sent to the device...

8.7 CVSS, 0.00455 EPSS
Exploits: 0, References: 1