18 matches found
EUVD-2023-34426
Malicious code in bioql PyPI...
EUVD-2023-34425
Malicious code in bioql PyPI...
EUVD-2023-34427
Malicious code in bioql PyPI...
GlobalSCAPE EFT Recursive Deflate Stream DoS (CVE-2023-2990)
The version of GlobalSCAPE EFT installed on the remote host is 8.0.x prior to 8.0.0.38. A denial of service DoS vulnerability exists due to improper handling of a recursively compressed packet. An unauthenticated, remote attacker can exploit this issue, via specially crafted packeet, to cause the...
CVE-2023-2991
Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message...
CVE-2023-2989
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited...
CVE-2023-2989
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited...
CVE-2023-2991
Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message...
CVE-2023-2990
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service...
Information disclosure
Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message...
Authentication flaw
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited...
Denial of service
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service...
CVE-2023-2990 Fortra Globalscape Administration Server Denial of Service
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service...
CVE-2023-2990
CVE-2023-2990 affects Fortra Globalscape EFT Admin Server. Versions prior to 8.1.0.16 are vulnerable to a denial-of-service when a compressed DeflateStream packet is processed, because a specially crafted message decompresses to itself and can trigger recursion/heap issues, potentially crashing t...
CVE-2023-2989
CVE-2023-2989 affects Fortra Globalscape EFT administration server prior to 8.1.0.16, due to an out-of-bounds memory read that can permit authentication bypass. Public details describe a blind read flaw in the EFT admin protocol, enabling a logged-in attacker to impersonate another user under cer...
Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server [FIXED]
!Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server \FIXED\https://blog.rapid7.com/content/images/2023/06/GettyImages-1345443906.jpg Earlier this year, Rapid7 researchers undertook a project to analyze managed file transfer applications, due to the number of recent...
Globalscape Enhanced File Transfer 缓冲区错误漏洞
Globalscape Enhanced File Transfer Globalscape EFT is a best-in-class Managed File Transfer MFT solution from Globalscape USA. A security vulnerability exists in Globalscape Enhanced File Transfer versions prior to 8.1.0.16 that stems from an out-of-bounds memory read issue that could cause the...
PT-2023-22460 · Fortra · Fortra Globalscape Eft
Name of the Vulnerable Software and Affected Versions: Fortra Globalscape EFT versions prior to 8.1.0.16 Description: The issue is related to a denial of service, where a compressed message that decompresses to itself can cause infinite recursion, leading to a service crash. Recommendations: For...