Lucene search

266 matches found

RedHat Linux
added 2021/11/15 5:5 p.m. · 2 views

mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server

A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0...

CVSS 6.5 · AI score 6.8 · EPSS 0.03394
Exploits 0 · References 4

OSV
added 2021/08/30 7:15 p.m. · 0 views

UBUNTU-CVE-2021-36370

An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity...

CVSS 7.5 · AI score 7.1 · EPSS 0.02061
Exploits 1 · References 8

CNNVD
added 2021/08/04 12:0 a.m. · 3 views

Cisco ConfD Security Vulnerability

Cisco ConfD is a management software from Cisco USA. A security vulnerability exists in Cisco ConfD that stems from the affected software incorrectly running SFTP user services with a privileged user enabled CLI when ConfD's built-in SSH server is running. The vulnerability allows an authenticate...

CVSS 7.8 · AI score 7.8 · EPSS 0.00247
Exploits 0 · References 5

CNVD
added 2021/02/18 12:0 a.m. · 7 views

FileZen OS Command Injection Vulnerability

FileZen is a device for secure file transfer and sharing via email or web interface. An OS command injection vulnerability exists in FileZen 3.0.0 - 4.2.7, 5.0.0 - 5.0.2. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary OS commands...

CVSS 9 · AI score 8 · EPSS 0.0397
Exploits 1 · References 1

OSV
added 2021/01/13 10:15 p.m. · 0 views

CVE-2021-1145

A vulnerability in the Secure FTP SFTP of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The...

CVSS 6.5 · AI score 6.6
Exploits 0 · References 1

NVD
added 2020/10/22 2:15 p.m. · 15 views

CVE-2020-27646

Biscom Secure File Transfer SFT before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...

CVSS 6.5 · EPSS 0.01004
Exploits 0 · References 1

Prion
added 2020/10/22 2:15 p.m. · 16 views

Design/Logic Flaw

Biscom Secure File Transfer SFT before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...

CVSS 4.3 · AI score 6.5 · EPSS 0.01004
Exploits 0 · References 1 · Affected Software 1

CVE
added 2020/10/22 1:27 p.m. · 43 views

CVE-2020-27646

Biscom Secure File Transfer (SFT) platforms are affected in versions prior to 5.1.1082 and 6.x prior to 6.0.1011, where a vulnerability enables user credential theft. The CVSS data indicates network exposure with a high confidentiality impact (C:H) but no integrity or availability impact, and use...

CVSS 6.5 · AI score 6.5 · EPSS 0.01004
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2020/10/22 1:27 p.m. · 17 views

CVE-2020-27646

Biscom Secure File Transfer SFT before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...

AI score 6.5 · EPSS 0.01004
Exploits 0 · References 1

OSV
added 2020/08/20 1:15 p.m. · 3 views

CVE-2019-20150

In TreasuryXpress 19191105, a logged-in user can discover saved credentials, even though the UI hides them. Using functionality within the application and a malicious host, it is possible to force the application to expose saved SSH/SFTP credentials. This can be done by using the application's...

CVSS 6.5 · AI score 6.6 · EPSS 0.00914
Exploits 1 · References 1

OSV
added 2020/07/01 3:15 p.m. · 0 views

CVE-2020-5907

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an authorized user provided with access only to the TMOS Shell tmsh may be able to conduct arbitrary file read/writes via the built-in sftp functionality...

CVSS 7.2 · AI score 7.2
Exploits 0 · References 2

CNVD
added 2020/02/17 12:0 a.m. · 2 views

FTPGetter Code Issue Vulnerability

FTPGetter is a file transfer tool from the FTPGetter team that supports FTP and SFTP protocols. A code issue vulnerability exists in FTPGetter Professional Edition version 5.97.0.223. The vulnerability stems from an improperly designed or implemented code development process for a network system ...

CVSS 7.5 · AI score 7.2 · EPSS 0.02013
Exploits 5 · References 1

OSV
added 2020/02/07 8:15 p.m. · 2 views

CVE-2020-8796

Biscom Secure File Transfer SFT before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server...

CVSS 9.8 · AI score 7.4 · EPSS 0.02928
Exploits 0 · References 2

Prion
added 2020/02/07 8:15 p.m. · 22 views

Remote code execution

Biscom Secure File Transfer SFT before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server...

CVSS 7.5 · AI score 9.6 · EPSS 0.02928
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2020/02/07 7:57 p.m. · 18 views

CVE-2020-8796

Biscom Secure File Transfer SFT before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server...

AI score 9.8 · EPSS 0.02928
Exploits 0 · References 1

Prion
added 2020/01/31 8:15 p.m. · 12 views

Design/Logic Flaw

Biscom Secure File Transfer SFT 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference IDOR by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004...

CVSS 3.5 · AI score 6.3 · EPSS 0.00731
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2020/01/31 7:57 p.m. · 14 views

CVE-2020-8503

Biscom Secure File Transfer SFT 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference IDOR by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004...

AI score 6.3 · EPSS 0.00731
Exploits 0 · References 1

CVE
added 2020/01/31 7:57 p.m. · 124 views

CVE-2020-8503

The CVE-2020-8503 issue affects Biscom Secure File Transfer (SFT) versions 5.0.1050–5.1.1067 and 6.0.1000–6.0.1003. A vulnerability in the file-upload feature allows Insecure Direct Object Reference (IDOR) by an authenticated sender due to an error in how uploads are handled. The impact is descri...

CVSS 6.5 · AI score 6.2 · EPSS 0.00731
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2019/12/12 12:0 a.m. · 2 views

PT-2019-15361 · Unknown · Control Center Server

Name of the Vulnerable Software and Affected Versions: Control Center Server CCS versions prior to V1.5.0
Description: A vulnerability has been identified in the SFTP service of the Control Center Server, which does not properly limit its capabilities. This could allow an unauthenticated remote...

CVSS 9.9 · AI score 9.3 · EPSS 0.02126
Exploits 0 · References 4

OSV
added 2019/05/03 8:29 p.m. · 2 views

CVE-2019-6617

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files such as /etc/passwd using SFTP to modify user permissions, without Advanced Shell access. This is contrary to o...

CVSS 6.5 · AI score 6.6 · EPSS 0.02258
Exploits 0 · References 3