Lucene search

7 matches found

Positive Technologies
added 2026/04/16 12:0 a.m. | 4 views

PT-2026-33365

Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority that allows an attacker to bypass the security fix for CVE-2026-32303. The method hardcodes the URI scheme based on port number, causin...

CVSS 7.6 | AI score 5.8 | EPSS 0.00022
Exploits: 1 | References: 5

OSV
added 2025/08/11 1:51 p.m. | 2 views

BIT-LIBPYTHON-2021-4189

A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...

CVSS 5.3 | AI score 6.7 | EPSS 0.01086
Exploits: 0 | References: 11

OSV
added 2023/12/01 11:6 a.m. | 1 views

OESA-2023-1882 apache-commons-net security update

Apache Commons Net library contains a collection of network utilities and protocol implementations. Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3S, SMTPS, Telnet, Whois. Security Fixes: Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by...

CVSS 6.5 | AI score 8.9 | EPSS 0.00249
Exploits: 0 | References: 2

OSV
added 2022/12/03 3:15 p.m. | 31 views

CVE-2021-37533

Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about...

CVSS 6.5 | AI score 6.4
Exploits: 0 | References: 4

UbuntuCve
added 2022/12/03 3:15 p.m. | 66 views

CVE-2021-37533

Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about...

CVSS 6.5 | AI score 6.7 | EPSS 0.00249
Exploits: 0 | References: 5

CVE
added 2022/12/03 12:0 a.m. | 237 views

CVE-2021-37533

CVE-2021-37533 affects the Apache Commons Net FTP client prior to 3.9.0, where the FTP PASV response can cause the client to trust a host from the server. This could lead to leakage of information about services on the client’s private network if a malicious server is involved. The advisory notes...

CVSS 6.5 | AI score 6.6 | EPSS 0.00249
Exploits: 0 | References: 4 | Affected Software: 1

RedHat Linux
added 2022/05/10 1:49 p.m. | 4 views

python: ftplib should not use the host from the PASV response

A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...

CVSS 5.3 | AI score 6.8 | EPSS 0.01086
Exploits: 0 | References: 5