Lucene search
K

6 matches found

EUVD
EUVD
added 2026/06/01 1:22 p.m.13 views

EUVD-2026-33642

Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...

8.7CVSS5.8AI score0.00356EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/06 1:53 a.m.3 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the SFTP access control process. An attacker can maintain unauthorized access to files by remaining connected to SFTP after their permissions have been revoked or after the game server has been deleted...

7.5CVSS6.9AI score0.00218EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/06 12:31 a.m.5 views

EUVD-2026-1041

Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below do not revoke active SFTP connections when a user is removed from a server instance or has their permissions changes with respect to file access over SFTP. This allows a user that was already connected to...

7.5CVSS6.2AI score0.00218EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/15 1:55 p.m.24 views

CVE-2025-53868 BIG-IP SCP and SFTP vulnerability

When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00408EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/03 12:0 a.m.3 views

PT-2024-40239 · Teleport · Teleport

Name of the Vulnerable Software and Affected Versions: Teleport versions prior to 12.4.31 Teleport versions prior to 13.4.13 Teleport versions prior to 14.2.4 Description: An attacker with access to nodes within the cluster may be able to SFTP to the Proxy Service. The user's permissions on the...

7AI score
Exploits0References5
OSV
OSV
added 2018/10/17 1:31 a.m.5 views

CVE-2018-3267

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: LFTP. The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via FTP to compromise Solaris. Successful attacks of this...

5.3CVSS5.8AI score0.02066EPSS
Exploits0References3
Rows per page
Query Builder