Lucene search
K

32 matches found

OSV
OSV
added 2025/02/26 8:14 a.m.15 views

AZL-57401 CVE-2025-22869 affecting package moby-engine for versions less than 25.0.3-11

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 8:14 a.m.7 views

AZL-57289 CVE-2025-22869 affecting package cri-o 1.30.1-1

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 8:14 a.m.8 views

AZL-57369 CVE-2025-22869 affecting package kubevirt for versions less than 1.2.0-15

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 2:51 a.m.8 views

GO-2025-3487 Potential denial of service in golang.org/x/crypto

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.7AI score0.00868EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.4 views

Xlight FTP 输入验证错误漏洞

Xlight FTP is a high performance and easy to use FTP server software from Xlight FTP Inc. Make file transfers secure and easy to use. A security vulnerability exists in Xlight FTP versions prior to 3.9.4.3 that stems from an integer overflow in the SFTP server packet parsing logic, which could le...

9.8CVSS7AI score0.01115EPSS
Exploits0References2
Fedora
Fedora
added 2024/04/18 1:12 a.m.25 views

[SECURITY] Fedora 39 Update: filezilla-3.67.0-1.fc39

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFTP - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

5.9CVSS5.7AI score0.05773EPSS
Exploits0
Snyk
Snyk
added 2023/07/23 12:52 p.m.5 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a missing allocation check in sftp server processing read requests. A malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which is not being checked for failure. For...

6.5CVSS7AI score0.00767EPSS
Exploits0References2
OSV
OSV
added 2023/03/20 12:0 a.m.4 views

UBUNTU-CVE-2023-27534

A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...

8.8CVSS7.1AI score0.02195EPSS
Exploits1References4
OSV
OSV
added 2022/12/06 12:15 a.m.4 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...

9.1CVSS5.8AI score0.00729EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2022/09/20 11:38 a.m.18 views

openssh bug fix update

An update is available for openssh. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...

1AI score
Exploits0
CNNVD
CNNVD
added 2021/08/30 12:0 a.m.3 views

GNU Midnight Commander 授权问题漏洞

GNU Midnight Commander is a visual file manager. A security vulnerability exists in Midnight Commander that stems from the fact that starting with version 4.8.26, the server's fingerprint is neither checked nor displayed when Midnight Commander establishes an SFTP connection. An attacker could us...

7.5CVSS7.2AI score0.02216EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2007/10/19 3:36 p.m.5 views

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...

4.3CVSS6AI score0.02441EPSS
Exploits1References4
Rows per page
Query Builder