3492 matches found
EUVD-2024-54999
Malicious code in bioql PyPI...
EUVD-2022-52223
Malicious code in bioql PyPI...
The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.
...
Exploit for OS Command Injection in Vsftpd_Project Vsftpd
vsFTPd 2.3.4 백도어 취약점CVE-2011-2523 재현 취약점 정보 CVE-2011-2...
CVE-2025-10957
This vulnerability exists in the Syrotech SY-GPON-2010-WADONT router due to improper access control in its FTP service. A remote attacker could exploit this vulnerability by establishing an FTP connection using default credentials, potentially gaining unauthorized access to configuration files,...
Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems
Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability CVE-2025-10035 in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover...
PT-2025-39363
Name of the Vulnerable Software and Affected Versions Syrotech SY-GPON-2010-WADONT router affected versions not specified Description The Syrotech SY-GPON-2010-WADONT router contains a flaw related to improper access control within its FTP service. A remote attacker can connect via FTP using...
Syrotech SY-GPON-2010-WADONT 访问控制错误漏洞
The Syrotech SY-GPON-2010-WADONT is an optical network termination device from Syrotech India. An access control error vulnerability exists in the Syrotech SY-GPON-2010-WADONT that stems from improper access control of the FTP service, which could lead to unauthorized access...
[SECURITY] Fedora 41 Update: libssh-0.11.3-1.fc41
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...
CLSA-2025-1758705355 Fix CVE(s): CVE-2025-5318
SECURITY UPDATE: out-of-bounds read in sftphandle function - debian/patches/CVE-2025-5318.patch: fix possible buffer overrun issue in sftpserver.c by changing conditional from val SFTPHANDLES to val = SFTPHANDLES - CVE-2025-5318...
curl: CVE-2025-10966: missing SFTP host verification with wolfSSH
Summary: When curl is built with the wolfSSH backend, the SSH/SFTP implementation in lib/vssh/wolfssh.c performs no server host key verification and exposes no host identity options in the curl tool. I verified this locally by building curl with wolfSSH binary reports wolfssh/1.4.20, observing th...
ProFTPD Detection Consolidation
Consolidation of ProFTPD detections. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.155379";...
Exploit for CVE-2025-10035
CVE-2025-10035 How does this detection method work? Detec...
[SECURITY] Fedora 43 Update: libssh-0.11.3-1.fc43
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...
DEBIAN-CVE-2022-50271
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over vsock, data size is usually 32kB, and kmalloc seems to fail to try to allocate 32 32kB regions. vhost-5837: page allocation failure:...
smbmap
This is a Python script for a tool called SMBMap, which is designed to enumerate Samba share drives across an entire domain. The tool allows users to list share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute...
CVE-2025-45583
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password...
Linux Distros Unpatched Vulnerability : CVE-2025-48038
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This...
CVE-2025-45587
A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-45583
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password...