CRLF Injection

Overview basic-ftp is a FTP client for Node.js, supports FTPS over TLS, IPv6, Async/Await, and Typescript. Affected versions of this package are vulnerable to CRLF Injection via unsanitized path parameters in the protectWhitespace function. An attacker can execute arbitrary FTP commands by...

PT-2026-30374

NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and...

NICO-FTP 缓冲区错误漏洞

NICO-FTP is a file transfer client software developed by NICO-FTP Corporation. Version NICO-FTP 3.0.1.19 contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the structured exception handler, which could allow remote attackers to execute arbitrary code by...

Linux Distros Unpatched Vulnerability : CVE-2026-28296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containi...

EUVD-2019-5854

Malware in sbrugna...

EUVD-2000-0132

Malware in sbrugna...

EUVD-2001-0810

Malware in sbrugna...

EUVD-2002-1957

Malware in sbrugna...

EUVD-2002-0605

Malware in sbrugna...

EUVD-2003-0555

Malware in sbrugna...

EUVD-2004-1134

Malware in sbrugna...

EUVD-2005-0420

Malware in sbrugna...

EUVD-2006-4389

Malware in sbrugna...

EUVD-2008-4225

Malware in sbrugna...

EUVD-2010-2462

Malware in sbrugna...

EUVD-2016-3398

Malware in sbrugna...

EUVD-2018-8083

Malware in sbrugna...

EUVD-2018-18979

Malware in sbrugna...

CVE-2019-14704

An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field...

CVE-2024-33700

The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption...