CVE-2020-37069

Konica Minolta FTP Utility 1.0 has a buffer overflow in the NLST command. An oversized input (1500 'A' characters) can crash the FTP server and potentially allow unauthorized code execution. This affects the NLST handling in Konica Minolta FTP Utility 1.0 and is reported with high impact (availab...

Konica Minolta FTP Utility 安全漏洞

Konica Minolta FTP Utility is a scanning software developed by Konica Minolta, Inc. in Japan. Version 1.0 of Konica Minolta FTP Utility contains a security vulnerability, which stems from a buffer overflow in the NLST command. This vulnerability may allow unauthorized code to be executed...

PT-2026-5820

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the NLST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1207)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-50951

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

EUVD-2022-55946

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

CVE-2022-50951 WiFi File Transfer 1.0.8 Persistent XSS via Web Server Input Validation

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

CVE-2022-50951

WiFi File Transfer 1.0.8 has a persistent cross-site scripting (XSS) vulnerability via the web server input validation. Attackers can inject malicious scripts through file or folder names, leading to arbitrary JavaScript execution when users preview infected file paths and potentially compromisin...

dooblou WiFi File Transfer 跨站脚本漏洞

Dooblou WiFi File Transfer is a file transfer application developed by the dooblou company. Version 1.0.8 of Dooblou WiFi File Transfer contains a cross-site scripting vulnerability. This vulnerability stems from the use of file and folder names that contain storage-type cross-site scripts,...

PT-2026-5572

WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...

CVE-2020-37032 Wing FTP Server 6.3.8 - Remote Code Execution

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

CVE-2020-37029 FTPDummy 4.80 - Local Buffer Overflow

FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with carefully constructed shellcode to trigger a structured exception handler overwrite and execute system...

CVE-2025-15541

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...

CVE-2025-15541

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...

CVE-2025-15541

The CVE-2025-15541 entry describes an improper link resolution in the VX800v v1.0 SFTP service on TP-Link devices. Authenticated adjacent attackers can abuse crafted symbolic links to access system files, exposing high confidentiality impact and low integrity risk. Affected component: VX800v v1.0...

CVE-2025-15541

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...

CVE-2020-36994 QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service

QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionali...

CVE-2020-36994 QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service

QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionali...

TP-Link VX800v security vulnerability

The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from improper parsing of SFTP service links, which may allow authenticated neighboring attackers to access system files using specially craft...

QlikView security vulnerabilities

QlikView is a business intelligence and data visualization analysis software developed by the American company QlikView Corporation. Version QlikView 12.50.20000.0 contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the FTP server address input...