3503 matches found
CVE-2025-22869 Potential denial of service in golang.org/x/crypto
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
CVE-2025-22869
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
GO-2025-3487 Potential denial of service in golang.org/x/crypto
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
The vulnerability of the FTP protocol implementation of the MIR KT-51 controller and the MIR controller configuration tool, related to the transmission of data in an open manner, allows a perpetrator to disclose protected information.
The vulnerability of the FTP protocol implementation in the MIR KT-51 software controller and the MIR controller configuration tool lies in the transmission of data in an open manner. Exploiting this vulnerability allows a malicious actor to disclose the protected information...
CVE-2025-27142
LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the POST /api/localsend/v2/prepare-upload and th...
CVE-2025-27142 LocalSend path traversal vulnerability in the file upload endpoint allows nearby devices to execute arbitrary commands
LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the POST /api/localsend/v2/prepare-upload and th...
PT-2025-8666
Name of the Vulnerable Software and Affected Versions Teleport affected versions not specified Description The issue allows a denial of service attack against SSH servers that implement file transfer protocols. This occurs when clients complete the key exchange slowly or not at all, causing pendi...
AZL-57083 CVE-2025-26618 affecting package erlang for versions less than 26.2.5.9-1
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
DEBIAN-CVE-2025-26618
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
Erlang/OTP 安全漏洞
Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library can catch exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP that stems from not properly validating SFTP packet sizes, which can result in...
Nozomi Networks TCP/IP Gateway 安全漏洞
Nozomi Networks TCP/IP Gateway is a gateway program from Nozomi Networks, Inc. A security vulnerability exists in Nozomi Networks TCP/IP Gateway version 12h, which stems from the use of default credentials, and could lead to a remote attacker accessing the FTP server and altering resources...
Dell UCC Edge 代码问题漏洞
Dell UCC Edge is a Dell APEX metering solution from Dell USA. A code issue vulnerability exists in Dell UCC Edge version 2.3.0 that stems from a failure to validate input when adding a customer SFTP server...
PT-2025-6277
Name of the Vulnerable Software and Affected Versions: Dell UCC Edge version 2.3.0 Description: The issue concerns a Blind SSRF vulnerability in the Add Customer SFTP Server of Dell UCC Edge. An unauthenticated attacker with local access could exploit this, leading to Server-Side Request Forgery...
CVE-2025-24366
SFTPGo is an open source, event-driven file transfer solution. SFTPGo supports execution of a defined set of commands via SSH. Besides a set of default commands some optional commands can be activated, one of them being rsync. It is disabled in the default configuration and it is limited to the...
CVE-2025-24366 Insufficient sanitization of user provided rsync command in SFTPGo
SFTPGo is an open source, event-driven file transfer solution. SFTPGo supports execution of a defined set of commands via SSH. Besides a set of default commands some optional commands can be activated, one of them being rsync. It is disabled in the default configuration and it is limited to the...
CVE-2025-24366 Insufficient sanitization of user provided rsync command in SFTPGo
SFTPGo is an open source, event-driven file transfer solution. SFTPGo supports execution of a defined set of commands via SSH. Besides a set of default commands some optional commands can be activated, one of them being rsync. It is disabled in the default configuration and it is limited to the...
CVE-2022-23767
This vulnerability of SecureGate is SQL-Injection using login without password. A path traversal vulnerability is also identified during file transfer. An attacker can take advantage of these vulnerabilities to perform various attacks such as obtaining privileges and executing remote code, thereb...
CVE-2020-26074
A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions. An...
CVE-2024-33700
The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption...
Xerox Versalink 安全漏洞
Xerox VersaLink is a line of commercial printers from Xerox Corporation USA. A security vulnerability exists in Xerox Versalink that originates from access via the address book and can modify SMB/FTP settings, redirect scans and potentially capture credentials...