EUVD-2026-24128

An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7.10.0 results in SAML configured Web Users being redirected to the regular login page instead of the SAML login page...

CVE-2022-42436

IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206...

CVE-2019-12769

SolarWinds Serv-U Managed File Transfer MFT Web client before 15.1.6 Hotfix 2 is vulnerable to Cross-Site Request Forgery in the file upload functionality via ?Command=Upload with the Dir and File parameters...

CVE-2025-8148 CVE-2025-8148 Improper Access Control in SFTP service of GoAnywhere MFT

An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0 allows Web Users with an Authentication Alias and a valid SSH key but limited to Password authentication for SFTP to still login using their SSH key...

EUVD-2019-4353

Malware in sbrugna...

EUVD-2020-30233

Malware in sbrugna...

EUVD-2022-45509

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2024-50623

Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code execution with elevated privileges...

The vulnerability of the TIBCO Managed File Transfer Platform Server stems from deficiencies in authentication procedures. This allows attackers to circumvent security restrictions, increase their privileges, and execute arbitrary commands.

The vulnerability of the TIBCO Managed File Transfer Platform Server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions using the user’s identifier and password, thereby increasing their privileges and...

Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Runtime Environment, Java Technology Edition.

Summary An issue was identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ for Solaris. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to...

Fortra GoAnywhere Managed File Transfer (MFT) < 7.4.1 Authentication Bypass (CVE-2024-0204)

Binary data fortragoanywheremftCVE-2024-0204.nbin...

PT-2023-28702 · Crushftp · Crushftp

Name of the Vulnerable Software and Affected Versions: CrushFTP affected versions not specified Description: The issue poses a threat and is related to managing the security of MFT applications. There is an analysis available of the threat. Recommendations: At the moment, there is no information...

Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP [FIXED]

!Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP \FIXED\https://blog.rapid7.com/content/images/2023/10/vuln-disclosure-banner.jpeg As part of our continuing research project into managed file transfer risk, including JSCAPE MFT and Fortra Globalscape EFT Server, Rapi...

Security Bulletin: IBM MQ is affected by a vulnerability in Apache Commons Net (CVE-2021-37533)

Summary IBM MQ Managed File Transfer is affected by a vulnerability in Apache Commons Net. Vulnerability Details CVEID:CVE-2021-37533 DESCRIPTION: Apache Commons Net could allow a remote attacker to obtain sensitive information, caused by an issue with the FTP client trusting the host from PASV...

Exploit for Deserialization of Untrusted Data in Fortra Goanywhere_Managed_File_Transfer

CVE-2023-0669 This Repo contain the pcakages and scr...

Fortra GoAnywhere Managed File Transfer (MFT) < 7.1.2 Pre-Authentication Command Injection (CVE-2023-0669)

According to its self-reported version, the instance of Fortra GoAnywhere Managed File Transfer MFT running on the remote web server is 7.1.2. It is, therefore, affected by a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary...

CVE-2022-42436

IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206...

Design/Logic Flaw

IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206...

Threat Source newsletter (Feb. 9, 2023): Don't let criminals exploit your empathy

Welcome to this weeks edition of the Threat Source newsletter. Our hearts are with the people of Turkey and Syria and all those impacted by the tragic earthquake. The Cisco Foundation has launched a matching campaign to support local disaster relief organizations. As a person its always difficult...

CVE-2022-42436 IBM MQ information disclosure

IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206...