Lucene search
K

3515 matches found

Fedora
Fedora
added 2026/05/08 7:40 p.m.10 views

[SECURITY] Fedora 42 Update: proftpd-1.3.9a-1.fc42

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

8.1CVSS6AI score0.05004EPSS
Exploits6
EUVD
EUVD
added 2026/05/08 6:43 p.m.10 views

EUVD-2026-28515

Electerm Security Vulnerability: RCE via malicious SSH server filename in openFileWithEditor...

7.8CVSS5.8AI score0.00167EPSS
Exploits0References4
Rapid7 Blog
Rapid7 Blog
added 2026/05/08 6:26 p.m.9 views

Metasploit Wrap-Up 05/08/2026

Spring cleanup This week’s Metasploit updates focused on foundational improvements and expanded target reach. Key enhancements were made to the recently released Copy Fail exploit module, which now benefits from payload fixes in linux/x64/exec and linux/armle/exec. These changes expand its...

5.7AI score0.07085EPSS
Exploits1
OSV
OSV
added 2026/05/08 8:59 a.m.7 views

SUSE-SU-2026:1763-1 Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls

This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: -...

7.5CVSS6.7AI score0.00868EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Electerm 操作系统命令注入漏洞

Electerm is a SSH/SFTP client developed by ZXDong262 from China, based on Electron. Versions of Electerm prior to 3.7.9 contained an operating system command injection vulnerability. This vulnerability stemmed from the lack of filename cleaning in the SFTP editing function, which could allow...

7.8CVSS6.2AI score0.00167EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/07 9:45 p.m.9 views

NPM: mcp-ssh-tool has file transfer path policy bypass and bearer token comparison hardening

NPM: mcp-ssh-tool has file transfer path policy bypass and bearer token comparison hardening vulnerability discovered by ? in WordPress Npm mcp-ssh-tool versions = 2.1.0...

5.8AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/05/06 7:37 p.m.11 views

NPM: basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering

NPM: basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering vulnerability discovered by ? in WordPress Npm basic-ftp versions = 5.3.0...

7.5CVSS5.8AI score0.00465EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/06 7:37 p.m.8 views

basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering

Summary basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious or compromised FTP server can send an unterminated multiline response during the initial FTP banner phase, before authentication. The client keeps appending...

7.5CVSS6AI score0.00465EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/06 7:37 p.m.6 views

GHSA-RPMF-866Q-6P89 basic-ftp allows a malicious FTP server to cause client-side denial of service via unbounded multiline control response buffering

Summary basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious or compromised FTP server can send an unterminated multiline response during the initial FTP banner phase, before authentication. The client keeps appending...

7.5CVSS6AI score0.00465EPSS
Exploits0References3
Metasploit
Metasploit
added 2026/05/06 7:1 p.m.331 views

Anonymous FTP Access Detection

Detect anonymous read/write FTP service access. Module Options msf use auxiliary/scanner/ftp/ftpanonymous msf auxiliaryftpanonymous show actions ...actions... msf auxiliaryftpanonymous set ACTION msf auxiliaryftpanonymous show options ...show and set options... msf auxiliaryftpanonymous run...

5.9AI score0.07085EPSS
Exploits1
Circl
Circl
added 2026/05/06 1:28 p.m.7 views

CVE-1999-0497

creationtimestamp| type| source ---|---|--- 2026-05-06 13:28:27+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ftp/ftpanonymous.rb...

5.7AI score0.07085EPSS
Exploits1References1
Fedora
Fedora
added 2026/05/06 12:51 a.m.10 views

[SECURITY] Fedora 44 Update: squid-7.5-1.fc44

Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...

9.2CVSS5.8AI score0.08942EPSS
Exploits0
EUVD
EUVD
added 2026/05/05 6:33 p.m.14 views

EUVD-2026-27345

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References4
NVD
NVD
added 2026/05/05 4:16 p.m.45 views

CVE-2026-34956

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in...

5.9CVSS0.00405EPSS
Exploits0References3
OSV
OSV
added 2026/05/05 4:16 p.m.6 views

UBUNTU-CVE-2026-34956

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/05 3:45 p.m.7 views

CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References2
CVE
CVE
added 2026/05/05 3:45 p.m.16 views

CVE-2026-34956

CVE-2026-34956 affects Open vSwitch: the vulnerability is in the userspace conntrack FTP ALG handler where a crafted FTP payload (EPASV/FTP substrings) can trigger an invalid memory access due to type narrowing when copying FTP substrings. This memory access can crash the process, causing Denial ...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/05 3:45 p.m.43 views

CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in...

5.9CVSS0.00405EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.7 views

Open vSwitch 安全漏洞

Open vSwitch is a virtual switch developed as part of the Collaborative Project. There is a security vulnerability in Open vSwitch. This vulnerability arises when configuring conntrack streams that use FTP auxiliary programs. A remote attacker can send a specially crafted FTP stream, resulting in...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References2
OSV
OSV
added 2026/05/04 1:12 p.m.7 views

JLSEC-2026-424 curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was...

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more...

4.3CVSS5.9AI score0.0039EPSS
Exploits1References6
Rows per page
Query Builder