Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a premature logout of the ipvsftp module, which could lead to reuse after release...

EUVD-2014-1767

Malware in sbrugna...

EUVD-2021-29096

Malicious code in bioql PyPI...

EUVD-2023-24250

Malicious code in bioql PyPI...

CVE-2021-42110

An issue was discovered in Allegro Windows formerly Popsy Windows before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking...

Easy Chat Server 3.1 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: Easy Chat Server 3.1 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 05 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1ZbfeaWSEKlpvCG1eUtD0vNnfkNz8PlE/view Notification vendor: No reported...

CVE-2023-20071

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker coul...

Multiple Cisco Products Snort FTP Inspection Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker coul...

SUSE CVE-2012-3499

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

[SECURITY] Fedora 36 Update: libxml2-2.10.3-1.fc36

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to loss of confidentiality due to CVE-2021-4189

Summary Python is included in the DesignerAuthoring component when Mapping Assist is enabled. The Python FTP module is vulnerable due to CVE-2021-4189. IBM App Connect Enterprise Certified Container is not directly vulnerable under standard operations, but custom use of the images may be vulnerab...

[SECURITY] Fedora 34 Update: libxml2-2.9.14-1.fc34

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host

Ruby's Net::FTP module trusted the IP address included in the FTP server's response to the PASV command. A malicious FTP server could use this to make Ruby applications using the Net::FTP module to connect to arbitrary hosts and use this to perform port scanning or information extraction from...

CVE-2021-42110

An issue was discovered in Allegro Windows formerly Popsy Windows before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking...

Design/Logic Flaw

An issue was discovered in Allegro Windows formerly Popsy Windows before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking...

CVE-2021-42110

An issue was discovered in Allegro Windows formerly Popsy Windows before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking...

Allegro Windows 输入验证错误漏洞

Allegro Windows is an accounting and management solution from Allegro Belgium. An input validation error vulnerability exists in Allegro Windows, which arises from the product's failure to validate a called DLL file. An attacker could cause a DLL hijacking to elevate privileges to SYSTEM after...

[SECURITY] Fedora 33 Update: libxml2-2.9.12-4.fc33

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

[SECURITY] Fedora 31 Update: libxml2-2.9.10-4.fc31

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

[SECURITY] Fedora 32 Update: libxml2-2.9.10-7.fc32

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...