
3503 matches found

Vulnrichment
added 2025/02/26 3:7 a.m., 16 views

CVE-2025-22869 Potential denial of service in golang.org/x/crypto

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.3 AI score, 0.00868 EPSS
Exploits: 0, References: 3
AlpineLinux
added 2025/02/26 3:7 a.m., 6 views

CVE-2025-22869

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5 CVSS, 7.2 AI score, 0.00868 EPSS
Exploits: 0
OSV
added 2025/02/26 2:51 a.m., 8 views

GO-2025-3487 Potential denial of service in golang.org/x/crypto

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5 CVSS, 6.7 AI score, 0.00868 EPSS
Exploits: 0, References: 2
BDU FSTEC
added 2025/02/26 12:0 a.m., 6 views

A vulnerability in the FTP protocol implementation of the MIR KT-51 controller and the MIR controller configuration tool, related to the transmission of data in cleartext, allows an attacker to disclose protected information.

The vulnerability in the FTP protocol implementation of the MIR KT-51 software controller and the MIR controller configuration tool lies in the transmission of data in cleartext. Exploiting this vulnerability allows a malicious actor to disclose the protected information...

7.5 CVSS, 5.5 AI score
Exploits: 0, Affected Software: 2
NVD
added 2025/02/25 8:15 p.m., 46 views

CVE-2025-27142

LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the POST /api/localsend/v2/prepare-upload and th...

8.8 CVSS, 0.00514 EPSS
Exploits: 0, References: 2
OSV
added 2025/02/25 8:3 p.m., 16 views

CVE-2025-27142 LocalSend path traversal vulnerability in the file upload endpoint allows nearby devices to execute arbitrary commands

LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the POST /api/localsend/v2/prepare-upload and th...

8.7 CVSS, 7.2 AI score, 0.00514 EPSS
Exploits: 0, References: 4
Positive Technologies
added 2025/02/25 12:0 a.m., 7 views

PT-2025-8666

Name of the Vulnerable Software and Affected Versions: Teleport, affected versions not specified. Description: The issue allows a denial of service attack against SSH servers that implement file transfer protocols. This occurs when clients complete the key exchange slowly or not at all, causing pendi...

7.8 CVSS, 7.7 AI score, 0.00868 EPSS
Exploits: 0
OSV
added 2025/02/20 7:15 p.m., 8 views

AZL-57083 CVE-2025-26618 affecting package erlang for versions less than 26.2.5.9-1

Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...

7 CVSS, 5.6 AI score, 0.0046 EPSS
Exploits: 0, References: 1
OSV
added 2025/02/20 7:15 p.m., 3 views

DEBIAN-CVE-2025-26618

Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...

7 CVSS, 6.2 AI score, 0.0046 EPSS
Exploits: 0, References: 1
CNNVD
added 2025/02/20 12:0 a.m., 3 views

Erlang/OTP security vulnerability

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles exceptions. The library can catch exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP that stems from not properly validating SFTP packet sizes, which can result in...

7 CVSS, 7 AI score, 0.0046 EPSS
Exploits: 0, References: 4
CNNVD
added 2025/02/13 12:0 a.m., 2 views

Nozomi Networks TCP/IP Gateway security vulnerability

Nozomi Networks TCP/IP Gateway is a gateway program from Nozomi Networks, Inc. A security vulnerability exists in Nozomi Networks TCP/IP Gateway version 12h, which stems from the use of default credentials, and could lead to a remote attacker accessing the FTP server and altering resources...

7.6 CVSS, 6.7 AI score, 0.00316 EPSS
Exploits: 0, References: 1
CNNVD
added 2025/02/11 12:0 a.m., 1 view

Dell UCC Edge code issue vulnerability

Dell UCC Edge is a Dell APEX metering solution from Dell USA. A code issue vulnerability exists in Dell UCC Edge version 2.3.0 that stems from a failure to validate input when adding a customer SFTP server...

7.9 CVSS, 6.9 AI score, 0.00143 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2025/02/11 12:0 a.m., 5 views

PT-2025-6277

Name of the Vulnerable Software and Affected Versions: Dell UCC Edge version 2.3.0. Description: The issue concerns a Blind SSRF vulnerability in the Add Customer SFTP Server of Dell UCC Edge. An unauthenticated attacker with local access could exploit this, leading to Server-Side Request Forgery...

7.9 CVSS, 6 AI score, 0.00143 EPSS
Exploits: 0, References: 5
RedhatCVE
added 2025/02/09 10:29 p.m., 11 views

CVE-2025-24366

SFTPGo is an open source, event-driven file transfer solution. SFTPGo supports execution of a defined set of commands via SSH. Besides a set of default commands some optional commands can be activated, one of them being rsync. It is disabled in the default configuration and it is limited to the...

7.5 CVSS, 6.9 AI score, 0.0067 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/02/07 9:16 p.m., 19 views

CVE-2025-24366 Insufficient sanitization of user provided rsync command in SFTPGo

SFTPGo is an open source, event-driven file transfer solution. SFTPGo supports execution of a defined set of commands via SSH. Besides a set of default commands some optional commands can be activated, one of them being rsync. It is disabled in the default configuration and it is limited to the...

7.5 CVSS, 7.1 AI score, 0.0067 EPSS
Exploits: 0, References: 2
OSV
added 2025/02/07 9:16 p.m., 14 views

CVE-2025-24366 Insufficient sanitization of user provided rsync command in SFTPGo

SFTPGo is an open source, event-driven file transfer solution. SFTPGo supports execution of a defined set of commands via SSH. Besides a set of default commands some optional commands can be activated, one of them being rsync. It is disabled in the default configuration and it is limited to the...

7.5 CVSS, 6.8 AI score, 0.0067 EPSS
Exploits: 0, References: 4
RedhatCVE
added 2025/02/05 11:29 p.m., 13 views

CVE-2022-23767

This vulnerability of SecureGate is SQL-Injection using login without password. A path traversal vulnerability is also identified during file transfer. An attacker can take advantage of these vulnerabilities to perform various attacks such as obtaining privileges and executing remote code, thereb...

9.8 CVSS, 7.2 AI score, 0.00806 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/02/05 1:39 p.m., 13 views

CVE-2020-26074

A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions. An...

7.8 CVSS, 6.7 AI score, 0.00185 EPSS
Exploits: 0
RedhatCVE
added 2025/02/05 2:44 a.m., 1 view

CVE-2024-33700

The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption...

7.5 CVSS, 6.7 AI score, 0.0083 EPSS
Exploits: 1, References: 1
CNNVD
added 2025/02/03 12:0 a.m., 2 views

Xerox Versalink security vulnerability

Xerox VersaLink is a line of commercial printers from Xerox Corporation USA. A security vulnerability exists in Xerox Versalink that originates from access via the address book and can modify SMB/FTP settings, redirect scans and potentially capture credentials...

7.6 CVSS, 7.9 AI score, 0.00573 EPSS
Exploits: 0, References: 1