Lucene search
K

1807 matches found

OSV
OSV
added 2026/05/04 1:12 p.m.8 views

JLSEC-2026-406

A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...

8.8CVSS6.1AI score0.02195EPSS
Exploits1References10
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Medium: libssh

Issue Overview: libssh OOB Read in sftpparselongname CVE-2026-0968 Affected Packages: libssh Issue Correction: Run dnf update libssh --releasever 2023.11.20260427 or dnf update --advisory ALAS2023-2026-1632 --releasever 2023.11.20260427 to update your system. More information on how to update you...

3.1CVSS5.2AI score0.00442EPSS
Exploits0
OSV
OSV
added 2026/04/29 8:22 p.m.5 views

GHSA-Q4Q6-R8WH-5CGH PhpSpreadsheet has SSRF/RCE in IOFactory::load when $filename is user controlled

The usage of isfile, used to verify if the $filename is indeed an actual file, by all? Reader implementations inside the helper function File::assertFile is php-wrapper aware, for any php wrappers implementing stat. The 3 wrappers ftp://, phar:// and ssh2.sftp://, all satisfy this requirement - 2...

9.2CVSS5.8AI score0.00712EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/29 8:22 p.m.8 views

PhpSpreadsheet has SSRF/RCE in IOFactory::load when $filename is user controlled

The usage of isfile, used to verify if the $filename is indeed an actual file, by all? Reader implementations inside the helper function File::assertFile is php-wrapper aware, for any php wrappers implementing stat. The 3 wrappers ftp://, phar:// and ssh2.sftp://, all satisfy this requirement - 2...

9.8CVSS5.7AI score0.00712EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/29 6:52 a.m.10 views

CLSA-2026-1777445542 libssh2: Fix of 2 CVEs

CVE-2019-3858: fix zero-byte allocation in sftppacketread - CVE-2019-3859: fix out-of-bounds reads in libssh2packetrequire...

9.1CVSS6.8AI score0.06448EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.10 views

PT-2026-37096

Name of the Vulnerable Software and Affected Versions PhpSpreadsheet versions prior to 1.30.3 PhpSpreadsheet versions 2.0.0 through 2.1.14 PhpSpreadsheet versions 2.2.0 through 2.4.3 PhpSpreadsheet versions 3.3.0 through 3.10.3 PhpSpreadsheet versions 4.0.0 through 5.5.0 Description When the...

10CVSS6.4AI score0.00712EPSS
Exploits1References16
OSV
OSV
added 2026/04/25 8:47 a.m.9 views

CLSA-2026-1777036898 libssh2: Fix of 2 CVEs

CVE-2019-3858: fix zero-byte allocation in sftppacketread - CVE-2019-3859: fix out-of-bounds reads in libssh2packetrequire...

9.1CVSS7.3AI score0.06448EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/04/24 3:39 p.m.7 views

async-ssh2-tokio (>=0.2.0 <=0.8.11), dev-tunnels (=0.1.0) +6 more potentially affected by CVE-2026-42189 via russh (>=0.34.0 <=0.43.0)

russh CARGO version =0.34.0, =0.2.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.4.1 - sshrpc =0.1.0 - tunnels =0.1.0 Source cves: CVE-2026-42189 Source advisory: OSV:GHSA-F5V4-2WR6-HQMG...

7.5CVSS5.4AI score0.00481EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.13 views

openSUSE 16 Security Update : erlang (openSUSE-SU-2026:20607-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20607-1 advisory. Security issues fixed: - CVE-2026-21620: improper isolation and compartmentalization can lead to TFTP relative path traversal and remote arbitra...

9.8CVSS5.8AI score0.00644EPSS
Exploits0References22
Wolfi
Wolfi
added 2026/04/23 7:48 p.m.13 views

GHSA-J88V-2CHJ-QFWX vulnerabilities

Vulnerabilities for packages: pgtimetable, flyte, caddy, envoy-gateway, ferretdb, teleport, spicedb, amass, sftpgo, rke2-cloud-provider, kubeflow-pipelines, hydra, kine, src, wal-g, cloudprober, keda, seaweedfs, spqr, temporal-server, bento, timescaledb-parallel-copy, grafana-alloy, gitlab-kas,...

6.1AI score
Exploits0
OSV
OSV
added 2026/04/22 8:42 a.m.10 views

CLSA-2026-1776847322 curl: Fix of 3 CVEs

CVE-2022-27781: add limit of certificates which can be traversed breaking infinite loop in NSS cert verification - CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27534: fix SFTP path '' resolving discrepancy...

9.8CVSS5.8AI score0.02434EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2026/04/21 7:39 p.m.6 views

CVE-2026-40884 goshs: Empty-username SFTP password authentication bypass in goshs

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started with -b ':pass' together with -sftp, goshs accepts that configuration but does not install any SFTP...

9.8CVSS5.8AI score0.00478EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/21 7:34 p.m.35 views

CVE-2026-40876 SFTP root escape via prefix-based path validation in goshs

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to filesystem paths outside the configured SFTP root, which breaks the intended jail boundary and can...

8.7CVSS0.00439EPSS
Exploits1References1
CVE
CVE
added 2026/04/21 7:34 p.m.12 views

CVE-2026-40876

CVE-2026-40876 (goshs) describes an SFTP jail-escape due to a prefix-based path validation bug in the sftpserver.helper.go sanitizePath implementation. The code uses a raw string-prefix check to validate the target path against the configured root, which allows a sibling path (e.g., /tmp/goshsroo...

8.8CVSS5.8AI score0.00439EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/04/21 3:16 p.m.13 views

CVE-2025-14362

The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be logged in to is configured to log in with an SSH Key, making the SSH key vulnerable to being guessed via Brute Force...

7.3CVSS0.00194EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 2:14 p.m.6 views

CVE-2026-0972

HTML injection is possible in system generated emails in Fortra's GoAnywhere MFT prior to 7.10.0. Note: The title, details, and description of this CVE were corrected post-publishing...

5.4CVSS5.7AI score0.00155EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/21 2:14 p.m.39 views

CVE-2026-0972 HTML Injection possible in system generated emails in Fortra's GoAnywhere MFT

HTML injection is possible in system generated emails in Fortra's GoAnywhere MFT prior to 7.10.0. Note: The title, details, and description of this CVE were corrected post-publishing...

5.4CVSS0.00155EPSS
Exploits1References1
CVE
CVE
added 2026/04/21 2:14 p.m.25 views

CVE-2025-14362

Fortra GoAnywhere MFT SFTP service (before version 7.10.0) does not enforce login rate limiting for Web Users configured to authenticate with SSH keys, enabling brute-force attempts against the SSH key. Affected component: GoAnywhere MFT SFTP login mechanism. Root cause: absence of login limit en...

7.3CVSS5.7AI score0.00194EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/04/21 12:15 p.m.8 views

CVE-2026-32147

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...

5.3CVSS0.00354EPSS
Exploits0References5
OSV
OSV
added 2026/04/21 12:15 p.m.4 views

DEBIAN-CVE-2026-32147

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...

4.3CVSS5.5AI score0.00354EPSS
Exploits0References1
Rows per page
Query Builder