266 matches found
CVE-2020-8503
Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004...
CVE-2020-8796
Biscom Secure File Transfer (SFT) before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server...
CVE-2020-27646
Biscom Secure File Transfer (SFT) before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...
CVE-2009-4646
Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-26618: Fixed SSH SFTP packet size not verified properly in Erlang OTP (bsc1237467). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
USN-7313-1 erlang vulnerability
It was discovered that Erlang incorrectly handled SFTP packet sizes. A remote attacker could possibly use this issue to cause Erlang to consume resources, resulting in a denial of service...
DEBIAN-CVE-2025-26618
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
Erlang/OTP security vulnerability
Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles exceptions. The library can catch exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP that stems from not properly validating SFTP packet sizes, which can result in...
PT-2025-6277
Name of the Vulnerable Software and Affected Versions: Dell UCC Edge version 2.3.0. Description: The issue concerns a Blind SSRF vulnerability in the Add Customer SFTP Server of Dell UCC Edge. An unauthenticated attacker with local access could exploit this, leading to Server-Side Request Forgery...
IBM Sterling Secure Proxy security vulnerability
IBM Sterling Secure Proxy is an International Business Machines (IBM) application agent used to ensure the secure transfer of files in an organization's unprotected zone (DMZ). A security vulnerability exists in IBM Sterling Secure Proxy that stems from improper validation of specific types of input...
A vulnerability in the SFTP module of the SINEC INS network infrastructure management software allows an attacker to execute arbitrary code.
A vulnerability in the SFTP module of the SINEC INS network infrastructure management software is related to errors in sanitizing file upload paths. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
AIPHONE IX SYSTEM and AIPHONE IXG SYSTEM security vulnerability
AIPHONE IX SYSTEM and AIPHONE IXG SYSTEM are both products of AIPHONE CORPORATION (Japan). AIPHONE IX SYSTEM is an IP visual intercom system. AIPHONE IXG SYSTEM is an IP-based residential system. A security vulnerability exists in AIPHONE IX SYSTEM and AIPHONE IXG SYSTEM that stems from the presence ...
CVE-2024-46894
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 3. The affected application does not properly validate authorization of a user to query the "/api/sftp/users" endpoint. This could allow an authenticated remote attacker to gain knowledge about the list of configured...
CVE-2024-46888
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 3. The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and...
Siemens SINEC INS security vulnerability
Siemens SINEC INS is a software from Siemens, Germany, that provides centralized services for network infrastructures. An unauthorized access vulnerability exists in Siemens SINEC INS, which could be exploited by an attacker to obtain information about the user list of the SFTP service...
An integer overflow vulnerability in the Xlight file server allows attackers to execute arbitrary code by sending specially crafted SFTP packets.
A vulnerability in the Xlight file server is caused by an integer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted SFTP packets...
CVE-2024-25659
In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows a remote attacker to access files and directories outside the SFTP user home directory...
CVE-2024-29954
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the...
VulnCheck KEV: CVE-2024-5806
Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass. This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.v...
Cerberus FTP Enterprise resource management error vulnerability
Cerberus FTP Server is a Windows-based FTP server from Cerberus, Inc. that supports FTP sessions encrypted via FTPS and SFTP. A resource management error vulnerability exists in Cerberus FTP Enterprise version 8.0.10.3, which stems from the presence of a denial of service (DoS) vulnerability...