156 matches found
CVE-2008-7264
The ftpQUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service file descriptor exhaustion and daemon outage by sending a QUIT command during a disallowed data-transfer attempt...
CVE-2024-12344
A vulnerability, which was classified as critical, was found in TP-Link VN020 F3vT TTV6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to th...
RHEL 5 : httpd and httpd22 (RHSA-2010:0011)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0011 advisory. - httpd: NULL pointer defer in modproxyftp caused by crafted EPSV and PASV reply CVE-2009-3094 - httpd: modproxyftp FTP command injection vi...
CVE-2023-51713
makeftpcmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...
dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand
A vulnerability was found in FormatFtpCommand in the .NET package that may result in a CRLF injection arbitrary file write and deletion...
dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand
A vulnerability was found in FormatFtpCommand in the .NET package that may result in a CRLF injection arbitrary file write and deletion...
USN-6480-1 dotnet6, dotnet7, dotnet8 vulnerabilities
Barry Dorrans discovered that .NET did not properly implement certain security features for Blazor server forms. An attacker could possibly use this issue to bypass validation, which could trigger unintended actions. CVE-2023-36558 Piotr Bazydlo discovered that .NET did not properly handle...
Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 Stack-Based Buffer Overflow (CVE-2018-7240)
A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious...
RHEL 7 : java-1.8.0-openjdk (RHSA-2021:2845)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2845 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
java-11-openjdk security update
An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...
ALSA-2021:2781 Important: java-11-openjdk security update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: Incorrect comparison during range check elimination Hotspot, 8264066 CVE-2021-2388 OpenJDK: FTP PASV command response can cause FtpClient to...
Backdoor.Win32.Surila.j Denial Of Service
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b1cec4b806c71c82bbd9002bdaf21d1fC.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Surila.j Vulnerability: Remote Denial of Service Description: The malware listens on...
CentOS 8 : firefox (CESA-2021:1360)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1360 advisory. - Mozilla: More internal network hosts could have been probed by a malicious webpage CVE-2021-23961 - Mozilla: Out of bound write due to lazy...
Updated thunderbird packages fix security vulnerabilities
More internal network hosts could have been probed by a malicious webpage: Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine CVE-2021-23961. Out of...
Updated firefox packages fix security vulnerabilities
More internal network hosts could have been probed by a malicious webpage: Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine CVE-2021-23961. Out of...
MGASA-2021-0199 Updated firefox packages fix security vulnerabilities
More internal network hosts could have been probed by a malicious webpage: Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine CVE-2021-23961. Out of...
SUSE-SU-2021:1325-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR bsc1184960 CVE-2021-23994: Out of bound write due to lazy initialization CVE-2021-23995: Use-after-free in Responsive Design Mode CVE-2021-23998: Secure Lock icon could have been spoofed CVE-2021-23961...
CentOS 8 : thunderbird (CESA-2021:1353)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1353 advisory. - Mozilla: More internal network hosts could have been probed by a malicious webpage CVE-2021-23961 - Mozilla: Out of bound write due to lazy...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:1307-1)
This update for MozillaFirefox fixes the following issues : Firefox was updated to 78.10.0 ESR bsc1184960 - CVE-2021-23994: Out of bound write due to lazy initialization - CVE-2021-23995: Use-after-free in Responsive Design Mode - CVE-2021-23998: Secure Lock icon could have been spoofed -...
Oracle Linux 7 : firefox (ELSA-2021-1363)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1363 advisory. 78.10.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....