1565 matches found

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-53576

Malicious code in bioql PyPI...

CVSS 7.5, AI score 5.5, EPSS 0.01064
Exploits 0, References 3

OpenVAS
added 2025/09/23 12:0 a.m., 6 views

ProFTPD < 1.3.8c Access Control Vulnerability

ProFTPD is prone to an access control vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:proftpd:proftpd";...

CVSS 7.5, AI score 7, EPSS 0.02204
Exploits 0, References 2

OpenVAS
added 2025/09/23 12:0 a.m., 3 views

ProFTPD <= 1.3.9 Buffer Overflow Vulnerability

ProFTPD is prone to a buffer overflow vulnerability. CPE = "cpe:/a:proftpd:proftpd";...

CVSS 7.5, AI score 7.4, EPSS 0.01064
Exploits 0, References 1

OpenVAS
added 2025/09/23 12:0 a.m., 3 views

ProFTPD < 1.3.8b OpenSSH Terrapin Attack

ProFTPD is prone to the SSH CPE = "cpe:/a:proftpd:proftpd"; ifdescription...

CVSS 5.9, AI score 7, EPSS 0.93305
Exploits 4, References 3

OpenVAS
added 2025/09/22 12:0 a.m., 4 views

ProFTPD Detection Consolidation

Consolidation of ProFTPD detections. if description scriptoid"1.3.6.1.4.1.25623.1.0.155379";...

AI score 7
Exploits 0, References 1

Tenable Nessus
added 2025/09/18 12:0 a.m., 2 views

GLSA-202509-06 : ProFTPd: SSH Terrapin vulnerability

The remote host is affected by the vulnerability described in GLSA-202509-06 (ProFTPd: SSH Terrapin vulnerability). A vulnerability has been discovered in ProFTPd. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the...

CVSS 5.9, AI score 6.9, EPSS 0.93305
Exploits 4, References 3

Gentoo Linux
added 2025/09/17 12:0 a.m., 8 views

ProFTPd: SSH Terrapin vulnerability

Background: ProFTPD is an advanced and very configurable FTP server. Description: A vulnerability has been discovered in ProFTPd. Please review the CVE identifier referenced below for details. Impact: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

CVSS 5.9, AI score 7.4, EPSS 0.93305
Exploits 4

Tenable Nessus
added 2025/08/30 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-46854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters. (CVE-2021-46854) Note that Nessus relies ...

CVSS 7.5, AI score 6, EPSS 0.01129
Exploits 1, References 2

OSV
added 2025/08/29 11:17 a.m., 1 views

OESA-2025-2083 proftpd security update

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

CVSS 7.5, AI score 8, EPSS 0.01064
Exploits 0, References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-19271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries install...

CVSS 7.5, AI score 6.6, EPSS 0.01122
Exploits 0, References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2019-19269

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL...

CVSS 4.9, AI score 6.2, EPSS 0.01645
Exploits 0, References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2020-9273

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, an...

CVSS 9, AI score 6.7, EPSS 0.10985
Exploits 1, References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-51713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...

CVSS 7.5, AI score 7.2, EPSS 0.04249
Exploits 1, References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-19272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when...

CVSS 7.5, AI score 6.3, EPSS 0.00947
Exploits 0, References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-19270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather...

CVSS 7.5, AI score 6.3, EPSS 0.01014
Exploits 0, References 2

Tenable Nessus
added 2025/08/26 12:0 a.m., 12 views

Linux Distros Unpatched Vulnerability : CVE-2019-12815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a...

CVSS 10, AI score 7.2, EPSS 0.96803
Exploits 22, References 2

Tenable Nessus
added 2025/08/25 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2016-3125

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than...

CVSS 7.5, AI score 7.3, EPSS 0.06979
Exploits 0, References 2

Tenable Nessus
added 2025/08/24 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-7418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks...

CVSS 5.5, AI score 6, EPSS 0.00419
Exploits 0, References 2

SUSE CVE
added 2025/08/20 11:44 p.m., 7 views

SUSE CVE-2010-20103

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows...

CVSS 9.8, AI score 8, EPSS 0.04753
Exploits 1, References 3

Snyk
added 2025/08/20 4:44 p.m., 5 views

Hidden Functionality

Overview: Affected versions of this package are vulnerable to Hidden Functionality via a hidden FTP command trigger in the process. An attacker can execute arbitrary shell commands with root privileges by sending a specially crafted FTP command. Remediation: Upgrade proftpd/proftpd to version 1.3.3...

CVSS 9.8, AI score 7.5, EPSS 0.04753
Exploits 1, References 2