CRLF Injection

Overview basic-ftp is a FTP client for Node.js, supports FTPS over TLS, IPv6, Async/Await, and Typescript. Affected versions of this package are vulnerable to CRLF Injection via unsanitized path parameters in the protectWhitespace function. An attacker can execute arbitrary FTP commands by...

PT-2026-30374

NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and...

EUVD-2016-3398

Malware in sbrugna...

EUVD-2018-8083

Malware in sbrugna...

EUVD-2018-18979

Malware in sbrugna...

EUVD-2000-0132

Malware in sbrugna...

EUVD-2001-0810

Malware in sbrugna...

EUVD-2002-0605

Malware in sbrugna...

EUVD-2003-0555

Malware in sbrugna...

EUVD-2004-1134

Malware in sbrugna...

EUVD-2005-0420

Malware in sbrugna...

EUVD-2006-4389

Malware in sbrugna...

EUVD-2010-2462

Malware in sbrugna...

CVE-2024-33700

The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption...

FreeBSD : zeek -- potential DoS vulnerabilities (2b5fc9c4-eaca-46e0-83d0-9b10c51c4b1b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2b5fc9c4-eaca-46e0-83d0-9b10c51c4b1b advisory. - Tim Wojtulewicz of Corelight reports: A missing field in the SMB FSControl script-land record could...

Backdoor.Win32.Destrukor.20 MVID-2022-0626 Authentication Bypass / Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Destrukor.20 Vulnerability: Authentication Bypass Description: The malware...

Backdoor.Win32.Coredoor.10.a Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4d10cd3fa86239ade05d2b741892b1e5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Coredoor.10.a Vulnerability: Authentication Bypass RCE Description: The malware liste...

Backdoor.Win32.Hupigon.aejq Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2a366cea300b84b4e6f8204a8c229266.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.aejq Vulnerability: Authentication Bypass RCE Description: The malware runs a...

Backdoor.Win32.RMFdoor.c Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5e2e6ca532c20ee6a59861d936df7076.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.RMFdoor.c Vulnerability: Authentication Bypass RCE Description: The malware listens o...

High-Severity Cisco Flaw Found in CMX Software For Retailers

A high-severity flaw in Cisco’s smart Wi-Fi solution for retailers could allow a remote attacker to alter the password of any account user on affected systems. The vulnerability is part of a number of patches issued by Cisco addressing 67 high-severity CVEs on Wednesday. This included flaws found...