CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/12/01 6:30 p.m.•3 views

EUVD-2025-200022

A buffer overflow in the gcfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service DoS via a crafted input...

6.5CVSS6.7AI score0.00065EPSS

Exploits1References3

NVD•added 2025/12/01 4:15 p.m.•2 views

CVE-2025-65403

A buffer overflow in the gcfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service DoS via a crafted input...

6.5CVSS0.00065EPSS

OSV•added 2025/12/01 4:15 p.m.•2 views

CVE-2025-65403

A buffer overflow in the gcfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service DoS via a crafted input...

6.5CVSS7.1AI score

Exploits0References2

CVE•added 2025/12/01 12:0 a.m.•4 views

CVE-2025-65403

LightFTP v2.0 contains a buffer overflow in the g_cfg.MaxUsers component that enables Denial-of-Service from crafted input. Public entries across multiple feeds confirm the affected version (LightFTP 2.0) and the DoS impact; no remediation or fixed version is identified in the provided documents....

6.5CVSS6.8AI score0.00065EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2025/12/01 12:0 a.m.•2 views

CVE-2025-65403

A buffer overflow in the gcfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service DoS via a crafted input...

6.8AI score0.00065EPSS

CNNVD•added 2025/12/01 12:0 a.m.•2 views

LightFTP 安全漏洞

LightFTP is a lightweight FTP service for hfiref0x individual developers. A security vulnerability exists in LightFTP version v2.0, which stems from a buffer overflow in the gcfg.MaxUsers component that could lead to a denial of service attack...

6.5CVSS6.8AI score0.00065EPSS

Exploits1References3

Cvelist•added 2025/12/01 12:0 a.m.•3 views

CVE-2025-65403

A buffer overflow in the gcfg.MaxUsers component of LightFTP v2.0 allows attackers to cause a Denial of Service DoS via a crafted input...

0.00065EPSS

Positive Technologies•added 2025/12/01 12:0 a.m.•4 views

PT-2025-48489

Name of the Vulnerable Software and Affected Versions LightFTP version 2.0 Description A buffer overflow exists in the g cfg.MaxUsers component of the software. This flaw allows attackers to potentially cause a Denial of Service DoS by providing a specially crafted input. Recommendations At the...

6.5CVSS6.9AI score0.00065EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-1490

Malware in sbrugna...

9.8CVSS9.5AI score0.02329EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-28106

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00259EPSS

RedhatCVE•added 2025/05/23 3:20 a.m.•3 views

CVE-2023-24042

A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. A handler thread can use an overwritten context-FileName...

7.5CVSS6.8AI score0.00259EPSS

RedhatCVE•added 2025/05/22 5:58 a.m.•1 views

CVE-2017-1000218

LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution...

9.8CVSS8AI score0.02329EPSS

Vulnrichment•added 2024/12/16 5:0 p.m.•15 views

CVE-2024-11144 Race Condition with LightFTP

The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user from a remote network. The crash causes the FTP service to become unavailable, affecting all users and processes that rely on it for file transfers. If the crash occurs during file upload or download, it...

9.2CVSS7.3AI score0.00107EPSS

Cvelist•added 2024/12/16 5:0 p.m.•14 views

CVE-2024-11144 Race Condition with LightFTP

9.2CVSS0.00107EPSS

CVE•added 2024/12/16 5:0 p.m.•50 views

CVE-2024-11144

CVE-2024-11144 affects LightFTP server (notably version 2.3 per CNNVD/NVD entries) with a lack of thread safety that allows an anonymous remote attacker to crash the FTP service by sending anomalous data. Consequences include FTP service unavailability, potential incomplete file transfers and dat...

9.2CVSS7.8AI score0.00107EPSS

CNNVD•added 2024/12/16 12:0 a.m.•1 views

LightFTP 安全漏洞

LightFTP is a lightweight FTP service by hfiref0x individual developers. A security vulnerability exists in LightFTP version 2.3, which stems from a lack of thread security on the server and can be caused to crash by anomalous data sent by an anonymous user from a remote network...

9.2CVSS6.8AI score0.00107EPSS

Packet Storm•added 2024/01/16 12:0 a.m.•367 views

LightFTP 1.1 Denial Of Service

!/usr/bin/perl use Net::FTP; Exploit Title: LightFTP 1.1 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 15 january 2024 Vendor Homepage: N/A Notification vendor: No reported Tested Version: LightFTP 1.1 Tested on: Window XP Professional - Service Pack 2 and 3 - English...

7.4AI score

Exploits0

NVD•added 2023/01/21 2:15 a.m.•8 views

CVE-2023-24042

A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. A handler thread can use an overwritten context-FileName...

7.5CVSS7.4AI score0.00259EPSS

OSV•added 2023/01/21 2:15 a.m.•14 views

CVE-2023-24042

A race condition in LightFTP through 2.2 allows an attacker to achieve path traversal via a malformed FTP request. A handler thread can use an overwritten context-FileName...

7.5CVSS6.7AI score