CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CVE•added 2026/04/21 2:10 p.m.•5 views

CVE-2025-1241

CVE-2025-1241 affects Fortra GoAnywhere MFT (prior to 7.10.0) and GoAnywhere Agents (prior to 2.2.0) where a static IV enables brute-force decryption of encrypted values. Impact is confidentiality (high), with network access required and admin privileges needed. Remediation: upgrade to GoAnywhere...

5.8CVSS5.8AI score0.00018EPSS

Exploits0References1Affected Software2

ATTACKERKB•added 2026/04/21 2:10 p.m.•2 views

CVE-2025-1241

Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhere Agents prior to version 2.2.0 utilize a static IV which allows admin users to brute-force decryption of data...

5.8CVSS5.8AI score0.00018EPSS

Exploits0References2

Positive Technologies•added 2026/04/21 12:0 a.m.•2 views

PT-2026-33974

Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhere Agents prior to version 2.2.0 utilize a static IV which allows admin users to brute-force decryption of data...

5.8CVSS5.8AI score0.00018EPSS

Exploits0References2

EUVD•added 2025/12/05 8:56 p.m.•1 views

EUVD-2025-201495

An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0 allows Web Users with an Authentication Alias and a valid SSH key but limited to Password authentication for SFTP to still login using their SSH key...

4.2CVSS6.4AI score0.00028EPSS

Exploits0References2

CNNVD•added 2025/12/05 12:0 a.m.•1 views

Fortra GoAnywhere MFT 安全漏洞

Fortra GoAnywhere MFT is a file transfer software from Fortra, Inc. A security vulnerability exists in Fortra GoAnywhere MFT versions prior to 7.9.0, which stems from improper access control of the SFTP service, and could result in a Web user logging in with an SSH key...

4.2CVSS6.6AI score0.00028EPSS

Exploits0References2

HackRead•added 2025/10/07 3:33 p.m.•4 views

Medusa Ransomware Exploiting GoAnywhere MFT Flaw, Confirms Microsoft

Latest reports suggest the critical GoAnywhere MFT vulnerability CVE-2025-10035, CVSS 10.0 is actively exploited by the Medusa ransomware gang for unauthenticated RCE. Patch immediately...

10CVSS7.5AI score0.59337EPSS

Exploits2

HackRead•added 2025/09/25 10:36 a.m.•6 views

Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems

Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability CVE-2025-10035 in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover...

10CVSS7.3AI score0.59337EPSS

Exploits2

GithubExploit•added 2025/09/20 7:35 a.m.•272 views

Exploit for CVE-2025-10035

CVE-2025-10035 How does this detection method work? Detec...

10CVSS6.8AI score0.59337EPSS

Exploits2

CNNVD•added 2024/12/13 12:0 a.m.•1 views

Fortra GoAnywhere MFT 安全漏洞

Fortra GoAnywhere MFT is a secure file transfer solution from Fortra USA. A security vulnerability exists in Fortra GoAnywhere MFT versions prior to 7.7.0 that stems from an information disclosure vulnerability that allows external access to resources in certain administrative root folders...

5.3CVSS6.1AI score0.00228EPSS

Exploits0References2

VulnCheck KEV•added 2024/01/25 12:0 a.m.•0 views

VulnCheck KEV: CVE-2024-0204

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal...

9.8CVSS7.4AI score0.93048EPSS

Exploits8References1

CNNVD•added 2023/02/06 12:0 a.m.•3 views

HelpSystems GoAnywhere MFT 代码问题漏洞

HelpSystems GoAnywhere MFT is a hosted file transfer software from HelpSystems USA. A security vulnerability exists in HelpSystems GoAnywhere MFT that stems from incorrect authentication, which can lead to command injection...

7.2CVSS8.2AI score0.94378EPSS

Exploits12References13

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by