Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

41 matches found

EUVD
EUVDadded 2026/02/26 6:31 p.m.5 views

EUVD-2026-8860

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

4.3CVSS5.6AI score0.00186EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/02/26 4:24 p.m.3 views

CVE-2026-28295

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

4.3CVSS5.9AI score0.00186EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/02/26 3:33 p.m.8 views

CVE-2026-28295

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

4.3CVSS5.6AI score0.00186EPSS
Exploits0References3
CVE
CVEadded 2026/02/26 3:33 p.m.21 views

CVE-2026-28295

CVE-2026-28295 affects the FTP GVfs backend. A flaw causes the client to unconditionally trust the PASV response from an FTP server, which may contain an arbitrary IP and port. The client then attempts to connect to that endpoint, enabling a malicious server to probe for open ports reachable from...

4.3CVSS5.6AI score0.00186EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/01/01 12:0 a.m.4 views

PT-2026-22157

Name of the Vulnerable Software and Affected Versions FTP GVfs backend affected versions not specified Description A flaw exists in the FTP GVfs backend where a malicious FTP server can exploit the system by providing a crafted passive mode PASV response containing an arbitrary IP address and por...

4.3CVSS5.9AI score0.0036EPSS
Exploits2References42
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2011-4431

Malware in sbrugna...

7.5CVSS6.4AI score0.01426EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2001-0156

Malware in sbrugna...

2.1CVSS6.4AI score0.00446EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2011-4429

Malware in sbrugna...

7.5CVSS6.4AI score0.02216EPSS
Exploits0References3
NVD
NVDadded 2025/06/25 8:15 a.m.10 views

CVE-2024-51980

An unauthenticated attacker may perform a limited server side request forgery SSRF, forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service HTTP TCP port 80 SOAP request. The...

5.3CVSS0.00858EPSS
Exploits0References10
RedhatCVE
RedhatCVEadded 2025/05/23 7:41 a.m.2 views

CVE-2024-55407

An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers to perform arbitrary port read and write actions via supplying crafted IOCTL requests...

7.8CVSS7AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:48 a.m.10 views

CVE-2011-4499

The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMappi...

7.5CVSS7.3AI score0.01426EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 4:50 a.m.6 views

CVE-2011-4504

The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability...

7.5CVSS7.2AI score0.01426EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 4:49 a.m.7 views

CVE-2011-4501

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers...

10CVSS7.3AI score0.04445EPSS
Exploits0References1
NVD
NVDadded 2025/01/06 7:15 p.m.9 views

CVE-2024-55407

An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers to perform arbitrary port read and write actions via supplying crafted IOCTL requests...

7.8CVSS0.00214EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/01/06 12:0 a.m.1 views

ITE IO Access 安全漏洞

ITE IO Access is an application from China Lianyang ITE. A security vulnerability exists in ITE IO Access version 1.0.0.0, which stems from a problem with the DeviceloControl feature that allows an attacker to perform arbitrary port read and write operations via a constructed IOCTL request...

7.8CVSS6.8AI score0.00214EPSS
Exploits0References2
CVE
CVEadded 2025/01/06 12:0 a.m.47 views

CVE-2024-55407

ITE IO Access 1.0.0.0 contains a vulnerability in the DeviceloControl function that lets a local attacker perform arbitrary port read and write actions by supplying crafted IOCTL requests. The issue, reported across multiple sources (NVD, Red Hat, CNNVD, PT Security, etc.), indicates the underlyi...

7.8CVSS7AI score0.00214EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/01/06 12:0 a.m.3 views

PT-2025-3109 · Ite · Ite Io Access

Name of the Vulnerable Software and Affected Versions: ITE IO Access version 1.0.0.0 Description: An issue in the DeviceloControl function allows attackers to perform arbitrary port read and write actions via supplying crafted IOCTL requests. This enables attackers to manipulate ports, potentiall...

7.8CVSS7.1AI score0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2025/01/06 12:0 a.m.7 views

CVE-2024-55407

An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers to perform arbitrary port read and write actions via supplying crafted IOCTL requests...

7AI score0.00214EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2024/10/03 11:27 a.m.4 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00859EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2024/10/02 11:35 a.m.9 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00859EPSS
Exploits0References7
Rows per page
Query Builder