EUVD-2004-2106

Malware in sbrugna...

EUVD-2005-2783

Malware in sbrugna...

EUVD-2022-2735

Malicious code in bioql PyPI...

CVE-2002-2062

Cross-site scripting XSS vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP...

CVE-2008-4724

Multiple cross-site scripting XSS vulnerabilities in Google Chrome 0.2.149.30 allow remote attackers to inject arbitrary web script or HTML via an ftp:// URL for an HTML document within a 1 JPG, 2 PDF, or 3 TXT file. NOTE: the provenance of this information is unknown; the details are obtained...

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...

Denial Of Service (DoS)

squid is vulnerable to Denial Of Service DoS. In this context, a remote attacker could potentially perform a Denial of Service DoS attack by sending FTP URLs in HTTP Request messages or by constructing FTP URLs from FTP Native input. This type of attack might lead to service disruption or...

SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2023:4380-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4380-1 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1...

K22052524: cURL and libcurl vulnerability CVE-2018-1000120

Security Advisory Description A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. CVE-2018-1000120 Impact libcurl does not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. By...

SUSE CVE-2021-24002

When a user clicked on an FTP URL containing encoded newline characters %0A and %0D, the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0131)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as...

CVE-2021-24002

When a user clicked on an FTP URL containing encoded newline characters %0A and %0D, the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Code injection

When a user clicked on an FTP URL containing encoded newline characters %0A and %0D, the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

CVE-2021-24002

When a user clicked on an FTP URL containing encoded newline characters %0A and %0D, the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

CVE-2021-24002

CVE-2021-24002 is a vulnerability observed in Firefox before 88 and Thunderbird before 78.10 where clicking an FTP URL containing encoded newline characters (%0A, %0D) could cause the server to interpret newlines and execute arbitrary commands. Affected products include Firefox ESR < 78.10, Fi...

USN-4995-1 thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or...

Oracle Linux 8 : firefox (ELSA-2021-1360)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1360 advisory. 78.10.0-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.10.0-1 - Update to 78.10...

Oracle Linux 8 : thunderbird (ELSA-2021-1353)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1353 advisory. 78.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.10.0-1 - Update to 78.10.0 Tenable has extract...

CVE-2021-24002

When a user clicked on an FTP URL containing encoded newline characters %0A and %0D, the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

CVE-2021-24002

When a user clicked on an FTP URL containing encoded newline characters %0A and %0D, the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...