Lucene search
K

6362 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: vsftpd (UTSA-2026-007108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007108 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote,...

6.5CVSS5.8AI score0.00737EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/04/09 1:18 p.m.125 views

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

\ CVE-2025-47812 — Wing FTP Server RCE Research \ Contexte...

10CVSS7.5AI score0.95343EPSS
Exploits23
NVD
NVD
added 2026/04/05 9:16 p.m.5 views

CVE-2019-25681

Xlight FTP Server 3.9.1 contains a structured exception handler SEH overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual...

8.6CVSS0.00208EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/05 8:45 p.m.5 views

CVE-2019-25686 Core FTP 2.0 build 653 PBSZ Unauthenticated Denial of Service

Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attackers to crash the service by sending a malformed command with an oversized buffer. Attackers can send a PBSZ command with a payload exceeding 211 bytes to trigger an access...

8.7CVSS5.9AI score0.00466EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:45 p.m.1 views

CVE-2019-25681

Xlight FTP Server 3.9.1 contains a structured exception handler SEH overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual...

8.6CVSS6.4AI score0.00208EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.8 views

Xlight FTP Server 缓冲区错误漏洞

Xlight FTP Server is an open-source FTP server software developed by Xlight. Version 3.9.1 of Xlight FTP Server contains a buffer error vulnerability. This vulnerability stems from a coverage issue with structured exception handlers, which may allow local attackers to cause the application to cra...

8.6CVSS6AI score0.00208EPSS
Exploits1References4
OSV
OSV
added 2026/03/31 9:11 a.m.4 views

OPENSUSE-SU-2026:20451-1 Security update for gnome-online-accounts, gvfs

This update for gnome-online-accounts, gvfs fixes the following issues: Changes for gvfs: Update gvfs to 1.59.90: - CVE-2026-28295: information disclosure when processing untrusted PASV responses from FTP servers bsc1258953. - CVE-2026-28296: arbitrary FTP command injection due to unsanitized CRL...

4.3CVSS6.1AI score0.0036EPSS
Exploits2References4
EUVD
EUVD
added 2026/03/30 12:32 p.m.4 views

EUVD-2019-20046

Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User domain field. Attackers can paste a malicious payload containing 7000 bytes of data into the domain configuration to trigger an...

8.7CVSS6.1AI score0.00691EPSS
Exploits1References5
NVD
NVD
added 2026/03/30 12:16 p.m.4 views

CVE-2019-25654

Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User domain field. Attackers can paste a malicious payload containing 7000 bytes of data into the domain configuration to trigger an...

8.7CVSS0.00691EPSS
Exploits1References4
CVE
CVE
added 2026/03/30 11:2 a.m.9 views

CVE-2019-25654

CVE-2019-25654 affects Core FTP/SFTP Server 1.2. The vulnerability is a buffer overflow in the domain field under User configuration, allowing a crafted 7000-byte payload to crash the service and cause denial of service (availability impact). Public metrics list CVSS v3.1 base score 7.5 (HIGH) wi...

8.7CVSS6.1AI score0.00691EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/03/30 11:2 a.m.13 views

CVE-2018-25229

BulletProof FTP Server 2019.0.0.50 is affected by a local denial-of-service vulnerability in the SMTP configuration interface. An input buffer of 257 'A' characters in the SMTP Server field can crash the application when Test is clicked. Connected sources corroborate the existence of a DoS via th...

7.1CVSS6.1AI score0.00216EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/30 11:2 a.m.9 views

CVE-2018-25229 BulletProof FTP Server 2019.0.0.50 Denial of Service via SMTP

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field and trigger a crash ...

6.8CVSS6.1AI score0.00216EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/30 11:2 a.m.21 views

CVE-2018-25229 BulletProof FTP Server 2019.0.0.50 Denial of Service via SMTP

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field and trigger a crash ...

6.8CVSS0.00216EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.11 views

BulletProof FTP Server 安全漏洞

BulletProof FTP Server is an FTP server software developed by BulletProof Corporation. Version 2019.0.0.50 of BulletProof FTP Server contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the SMTP configuration interface, which could allow local...

7.1CVSS5.8AI score0.00216EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-29515

MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally...

9.3CVSS5.9AI score0.00481EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/23 3:30 p.m.3 views

EUVD-2026-14411

Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...

8.7CVSS5.8AI score0.00272EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/23 12:40 p.m.2 views

CVE-2026-1958

Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...

8.7CVSS5.8AI score0.00272EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/22 3:30 a.m.6 views

EUVD-2019-19918

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes...

6.9CVSS6AI score0.00171EPSS
Exploits1References5
NVD
NVD
added 2026/03/22 1:16 a.m.6 views

CVE-2019-25588

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes...

6.9CVSS0.00171EPSS
Exploits1References4
NVD
NVD
added 2026/03/22 1:16 a.m.5 views

CVE-2019-25587

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting and paste a buffer o...

6.9CVSS0.00177EPSS
Exploits1References4
Rows per page
Query Builder