Lucene search
K

178 matches found

OSV
OSV
added 2023/05/10 3:23 p.m.10 views

CVE-2022-41985

An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

8.6CVSS7AI score0.01488EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/05/10 3:23 p.m.13 views

CVE-2022-46378

An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs wh...

6.5CVSS7.1AI score0.01419EPSS
Exploits1References2
CVE
CVE
added 2023/05/10 3:23 p.m.45 views

CVE-2022-41985

CVE-2022-41985 affects Weston Embedded uC-FTPs v1.98.00. Talos reports an authentication bypass in the FTP server: after USER with an unauthenticated sequence, the state machine can skip authentication and allow following commands, potentially enabling DoS via crafted packets. Evidence from Talos...

8.6CVSS7.6AI score0.01488EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/05/10 3:23 p.m.63 views

CVE-2022-46378

Weston Embedded uC-FTPs v1.98.00 has an out-of-bounds read in the PORT command parameter extraction. When PORT is issued with no arguments, the server may scan the input and access unmapped memory, causing a denial of service. Talos’ TALOS-2022-1681 report (CVE-2022-46378; CVE-2022-46377) confirm...

7.5CVSS7.4AI score0.01419EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/05/10 3:23 p.m.41 views

CVE-2022-41985

An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

8.6CVSS8.9AI score0.01488EPSS
Exploits1References2
CVE
CVE
added 2023/05/10 3:23 p.m.46 views

CVE-2022-46377

Weston Embedded uC-FTPs 1.98.00 has an out-of-bounds read in the PORT command argument extraction. When no IP address argument is provided to PORT, the server may misparse the buffer, potentially leading to denial of service. Concrete details in Talos/TALOS-2022-1681 describe the vulnerable code ...

7.5CVSS7.4AI score0.0148EPSS
Exploits1References3Affected Software1
Talos
Talos
added 2023/05/10 12:0 a.m.44 views

Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1681 Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability May 10, 2023 CVE Number CVE-2022-46377,CVE-2022-46378 SUMMARY An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of...

7.5CVSS7AI score0.0148EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2023/05/10 12:0 a.m.6 views

PT-2023-14922 · Unknown · Weston Embedded Uc-Ftps

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-FTPs version 1.98.00 Description: An out-of-bounds read issue exists in the PORT command parameter extraction functionality. A specially-crafted set of network packets can lead to denial of service. This occurs when no IP...

7.5CVSS7.3AI score0.0148EPSS
Exploits1References5
Talos
Talos
added 2023/05/10 12:0 a.m.39 views

Weston Embedded uC-FTPs Authentication authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1680 Weston Embedded uC-FTPs Authentication authentication bypass vulnerability May 10, 2023 CVE Number CVE-2022-41985 SUMMARY An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially...

8.6CVSS8.1AI score0.01488EPSS
Exploits1
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.7 views

Weston Embedded uC-FTPs 授权问题漏洞

Weston Embedded uC-FTPs is a Micrium FTP File Transfer Protocol server from Weston Embedded. A security vulnerability exists in Weston Embedded uC-FTPs v 1.98.00, which stems from an authentication bypass vulnerability in the authentication feature that could allow an attacker to send a series of...

8.6CVSS7.3AI score0.01488EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/05/10 12:0 a.m.5 views

PT-2023-14923 · Unknown · Weston Embedded Uc-Ftps

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-FTPs version 1.98.00 Description: An out-of-bounds read issue exists in the PORT command parameter extraction functionality. This can be triggered by a specially-crafted set of network packets, leading to denial of service...

7.5CVSS7.4AI score0.01419EPSS
Exploits1References5
Fedora
Fedora
added 2023/02/28 2:2 a.m.54 views

[SECURITY] Fedora 36 Update: curl-7.82.0-13.fc36

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

6.5CVSS8.4AI score0.01703EPSS
Exploits1
Fedora
Fedora
added 2023/02/19 1:39 a.m.44 views

[SECURITY] Fedora 37 Update: curl-7.85.0-6.fc37

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

9.1CVSS8.4AI score0.01703EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/12/28 12:0 a.m.26 views

Fedora: Security Advisory for curl (FEDORA-2022-9836111c44)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.1654EPSS
Exploits2References2
Fedora
Fedora
added 2022/11/10 4:21 p.m.41 views

[SECURITY] Fedora 35 Update: curl-7.79.1-7.fc35

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

9.8CVSS8.9AI score0.04325EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/09/07 12:0 a.m.9 views

Fedora: Security Advisory for curl (FEDORA-2022-5131c26a69)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

3.7CVSS6.5AI score0.01839EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2019-0314)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.57606EPSS
Exploits2References3
Fedora
Fedora
added 2021/11/03 1:12 a.m.57 views

[SECURITY] Fedora 35 Update: curl-7.79.1-1.fc35

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

9.1CVSS8.5AI score0.06216EPSS
Exploits3
Packet Storm
Packet Storm
added 2021/09/07 12:0 a.m.182 views

SmartFTP Client 10.0.2909.0 Denial Of Service

Exploit Title: SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service Date: 9/5/2021 Exploit Author: Eric Salario Vendor Homepage: https://www.smartftp.com/en-us/ Software Link: https://www.smartftp.com/en-us/download Version: 10.0.2909.0 32 and 64 bit Tested on: Microsoft Windows 10 32 bit a...

Exploits0
0day.today
0day.today
added 2021/09/06 12:0 a.m.134 views

SmartFTP Client 10.0.2909.0 - (Multiple) Denial of Service Exploit

Exploit Title: SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service Exploit Author: Eric Salario Vendor Homepage: https://www.smartftp.com/en-us/ Software Link: https://www.smartftp.com/en-us/download Version: 10.0.2909.0 32 and 64 bit Tested on: Microsoft Windows 10 32 bit and 64 bit...

Exploits0
Rows per page
Query Builder