Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 4 days ago5 views

CVE-2025-1241

Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhere Agents prior to version 2.2.0 utilize a static IV which allows admin users to brute-force decryption of data...

5.8CVSS5.4AI score0.00018EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/21 3:32 p.m.2 views

EUVD-2025-209539

Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhere Agents prior to version 2.2.0 utilize a static IV which allows admin users to brute-force decryption of data...

5.8CVSS5.8AI score0.00018EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/21 2:14 p.m.2 views

CVE-2025-14362 GoAnywhere MFT SFTP Service Login Vulnerable to Brute Force Attack Under Certain Circumstances

The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be logged in to is configured to log in with an SSH Key, making the SSH key vulnerable to being guessed via Brute Force...

7.3CVSS5.7AI score0.00054EPSS
Exploits0References1
Microsoft Secure
Microsoft Secureadded 2025/10/06 5:0 p.m.6 views

Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

On September 18, 2025, Fortra published a security advisory regarding a critical deserialization vulnerability in GoAnywhere MFT's License Servlet, which is tracked as CVE-2025-10035 and has a CVSS score of 10.0. The vulnerability could allow a threat actor with a validly forged license response...

10CVSS8.8AI score0.62239EPSS
Exploits2
Microsoft Secure
Microsoft Secureadded 2025/10/06 5:0 p.m.5 views

Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

On September 18, 2025, Fortra published a security advisory regarding a critical deserialization vulnerability in GoAnywhere MFT's License Servlet, which is tracked as CVE-2025-10035 and has a CVSS score of 10.0. The vulnerability could allow a threat actor with a validly forged license response...

10CVSS9AI score0.62239EPSS
Exploits2
GithubExploit
GithubExploitadded 2024/02/04 1:40 a.m.295 views

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

CVE-2024-0204: Authentication Bypass in GoAnywhere MFT Script...

9.8CVSS9.6AI score0.93048EPSS
Exploits8
GithubExploit
GithubExploitadded 2024/01/23 10:42 p.m.28 views

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

It is an exploit module targeting the GoAnywhere MFT vulnerabili...

9.8CVSS8.5AI score0.93048EPSS
Exploits8
GithubExploit
GithubExploitadded 2023/02/26 2:33 a.m.196 views

Exploit for Deserialization of Untrusted Data in Fortra Goanywhere_Managed_File_Transfer

CVE-2023-0669 This Repo contain the pcakages and scr...

7.2CVSS7.4AI score0.94378EPSS
Exploits12
ATTACKERKB
ATTACKERKBadded 2022/07/27 11:15 p.m.3 views

CVE-2021-46830

A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a...

6.5CVSS6.6AI score0.00575EPSS
Exploits0References4
Rows per page
Query Builder