EUVD-1999-1307

Malware in sbrugna...

EUVD-2016-2588

Malware in sbrugna...

EUVD-2000-0548

Malware in sbrugna...

EUVD-1999-0689

Malware in sbrugna...

CVE-2025-54792

LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle MitM vulnerability in the software's discovery protocol allows an unauthenticated attacke...

CVE-2025-54792

LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle MitM vulnerability in the software's discovery protocol allows an unauthenticated attacke...

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2025-54309 , the vulnerability carries a CVSS score of 9.0. "CrushFTP 10 before 10.8.5 and 11 before 11.3.423, when the DMZ proxy feature is not used, mishandles AS...

CVE-2025-27387

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVE-2025-27387 OPPO Clone Phone uses weak WPA passphrase as only means of security

OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure...

CVE-2017-17763

SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection...

CVE-2025-24366 Insufficient sanitization of user provided rsync command in SFTPGo

SFTPGo is an open source, event-driven file transfer solution. SFTPGo supports execution of a defined set of commands via SSH. Besides a set of default commands some optional commands can be activated, one of them being rsync. It is disabled in the default configuration and it is limited to the...

Accellion FTA SQL Injection Vulnerability

Accellion File Transfer Appliance FTA is a secure file transfer service that allows users to share and synchronize files online, all encrypted with AES 128/256. A SQL injection vulnerability exists in Accellion FTA 912370 and earlier versions. The vulnerability can be exploited to conduct a SQL...

Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities

Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities Document Title: =============== Bluetooth Photo-File Share v2.1 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1270 Release Date: ============= 2014-05-30...

rssh and scponly arbitrary command execution

Vulnerable applications: rssh All versions All operating systems scponly All versions All operating systems Not vulnerable: Discussion: rssh and scponly are restricted shells that are designed to allow execution only of certain preset programs. Both are used to grant a user the ability to transfe...

YAK! 2.1.0 still vulnerable

YAK! 2.1.0 still vulnerable =========================== for file transfer yak uses ftp mode. Yak! listens on port 3535 for file transfer in ftp mode. vulnerability in the previous version was, they were using constant username and pass combination for ftp login. 2.1.0 version seems to overcome th...

AOL Instant Messenger exposes local file path during file transfers

Overview AOL Instant Messenger AIM disclose local file paths during transfer. Description AOL Instant Messenger AIM is a program for communicating with other users over the Internet. AIM permits users to transfer files from one client to another. When the file is transferred, the entire local pat...

EFTP Version 2.0.7.337 vulnerabilities

EFTP Version 2.0.7.337 vulnerabilities According to their site @ www.eftp.org "EFTP is a 32bit combined Client/Server application, basically 2 programs in one. EFTP incorporates the 448bit Blowfish Encryption Algorithm and the FTP protocol RFC 959 implementation to provide secure file transfers...

CVE-1999-1326

wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR abort file transfer command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files...