8 matches found
CVE-2025-40830
A vulnerability has been identified in SINEC Security Monitor All versions V4.10.0. The affected application does not have proper authorization checks for the filetransfer feature in ssmctl-client command. This could allow an authenticated, lowly privileged local attacker to read or write to any...
CVE-2025-35060
Newforma Info Exchange NIX provides a 'Send a File Transfer' feature that allows a remote, authenticated attacker to upload SVG files that contain JavaScript or other content that may be executed or rendered by a web browser using a mobile user agent...
CVE-2025-35060
Newforma Info Exchange NIX provides a 'Send a File Transfer' feature that allows a remote, authenticated attacker to upload SVG files that contain JavaScript or other content that may be executed or rendered by a web browser using a mobile user agent...
CVE-2025-35060
CVE-2025-35060 concerns Newforma Info Exchange (NIX): the remote, authenticated attacker can upload SVG files via the Send a File Transfer feature, leading to stored XSS when the SVG content is rendered in a browser (notably with a mobile user agent). Several connected sources corroborate a cross...
CVE-2025-27395
A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. This could allow an authenticated highly-privileged remote attacker to read and...
Stack overflow
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...
CVE-2014-6055
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...
libvncserver -- multiple security vulnerabilities
Nicolas Ruff reports: Integer overflow in MallocFrameBuffer on client side. Lack of malloc return value checking on client side. Server crash on a very large ClientCutText message. Server crash when scaling factor is set to zero. Multiple stack overflows in File Transfer feature...