3490 matches found
EUVD-2026-12789
A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...
Security update for gvfs
This update for gvfs fixes the following issues: CVE-2026-28295: Fix ftp use control connection address for PASV data bsc1258953. CVE-2026-28296: Fix ftp reject paths containing CR/LF characters bsc1258954. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
CVE-2026-22320
A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...
CVE-2026-22318
A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...
CVE-2026-22320 Stack-Based Buffer Overflow in TFTP File-Transfer Command Handling over CLI
A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...
CVE-2026-22320 Stack-Based Buffer Overflow in TFTP File-Transfer Command Handling over CLI
A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...
CVE-2026-22320
A stack-based buffer overflow in the CLI’s TFTP file-transfer command handling can be triggered by a low-privileged attacker with Telnet/SSH access by supplying an unexpected or oversized filename input. This memory corruption affects the internal buffer, rendering the CLI and web dashboard unava...
CVE-2026-22318
A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...
CVE-2026-22318 Stack-Based Buffer Overflow in File Transfer Parameter Handling
A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...
CVE-2026-22318 Stack-Based Buffer Overflow in File Transfer Parameter Handling
A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...
CVE-2026-22318
CVE-2026-22318 describes a stack-based buffer overflow in the device’s file transfer parameter workflow. A high-privilege attacker can send oversized POST parameters, leading to memory corruption in an internal process and a DoS condition. The affected component is the file transfer parameter han...
CVE-2026-22316
A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack...
PT-2026-26034
A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...
PHOENIX CONTACT FL NAT 安全漏洞
PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by the German company PHOENIX CONTACT. There is a security vulnerability in PHOENIX CONTACT FL NAT, which stems from a stack-based buffer overflow in the device file transfer parameter workflow. This vulnerability could...
PT-2026-26032
CVE-2026-22316 A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting … https://t.co/Wf4fwn1VYa...
SFTP root escape via component-agnostic prefix check in ssh_sftpd
...
SUSE CVE-2026-23942
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...
EUVD-2026-12071
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...
USN-8093-1 libssh vulnerability
It was discovered that libssh incorrectly performed bounds checking when processing SFTP extensions. If a client application queried extension data out of bounds, it could cause the application to crash, resulting in a denial of service, or exhibit unintended behavior...
CVE-2026-4205
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...