CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

199 matches found

CVE•added 2025/08/05 8:5 p.m.•14 views

CVE-2013-10065

CVE-2013-10065 affects Sysax Multi-Server 6.10 SSHD. A specially crafted SSH key exchange packet can crash the service, causing denial of service. The flaw is triggered by malformed key exchange data, including a non‑standard byte (0x28) replacing the SSH protocol delimiter. Multiple sources (NVD...

8.7CVSS6.5AI score0.71068EPSS

Exploits1References4Affected Software1

CNNVD•added 2025/08/05 12:0 a.m.•2 views

Codeorigin Sysax Multi Server 安全漏洞

Codeorigin Sysax Multi Server is an FTP File Transfer Protocol server and Shell server for Windows from Codeorigin USA. A security vulnerability exists in Codeorigin Sysax Multi Server version 6.10 that stems from not properly handling SSH key exchange data, which could result in a denial of...

8.7CVSS6.5AI score0.71068EPSS

Exploits1References5

Positive Technologies•added 2025/08/05 12:0 a.m.•4 views

PT-2025-31989 · Unknown · Sysax Multi Server

Name of the Vulnerable Software and Affected Versions: Sysax Multi-Server version 6.10 Description: A denial-of-service issue exists in Sysax Multi-Server version 6.10 via its SSH daemon. A specially crafted SSH key exchange packet can trigger a crash in the service, resulting in a loss of...

8.7CVSS6.1AI score0.71068EPSS

Exploits1References6

RedhatCVE•added 2025/05/23 7:14 a.m.•5 views

CVE-2024-53459

Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting XSS via the /scgi?sid parameter...

5.4CVSS6.1AI score0.00091EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:31 p.m.•3 views

CVE-2020-23574

When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfilename1.htm form to a length of 368 or more bytes. This will create a buffer overflow condition, causing the application to crash...

6.5CVSS7.3AI score0.00853EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:9 p.m.•7 views

CVE-2020-13227

An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username under which the web server is running by triggering an invalid path permission error. This bypasses the fakepath protection mechanism...

5.3CVSS6.9AI score0.00526EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:11 a.m.•5 views

CVE-2012-6530

Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request...

7.1CVSS7.9AI score0.63819EPSS

Exploits2References1

RedhatCVE•added 2025/05/21 8:48 p.m.•5 views

CVE-2009-4790

Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

9CVSS6.7AI score0.01079EPSS

Exploits0References1

OSV•added 2025/04/28 8:15 p.m.•1 views

CVE-2025-34491

GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup...

8.8CVSS6.1AI score0.00326EPSS

Exploits1References3

RedhatCVE•added 2025/03/07 1:25 a.m.•6 views

CVE-2024-53458