Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 — Wing FTP Server Unauthenticated RCE ██╗...

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 — Wing FTP Server Remote Code Execution RCE...

EulerOS Virtualization 2.13.0 : openssh (EulerOS-SA-2025-2612)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources,...

Improper Neutralization of Null Byte or NUL Character

Overview Affected versions of this package are vulnerable to Improper Neutralization of Null Byte or NUL Character in the LZ4FcreateCDictadvanced function, when processing LZ4 frames. An attacker can cause an application to crash or trigger unintended behavior by submitting specially crafted LZ4...

EUVD-2002-2397

Malware in sbrugna...

EUVD-2009-2695

Malware in sbrugna...

EUVD-2004-1121

Malware in sbrugna...

EUVD-2024-31701

Malicious code in bioql PyPI...

EUVD-2022-3708

Malicious code in bioql PyPI...

EUVD-2024-39587

Malicious code in bioql PyPI...

EUVD-2021-30724

Malicious code in bioql PyPI...

CVE-2025-59150

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed i...

BIT-LIBPHP-2020-7066 get_headers() silently truncates after a null byte

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using getheaders with user-supplied URL, if the URL contains zero \0 character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the getheade...

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

=========================================================== CVE...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-47812link is external Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability These types of vulnerabilities are frequent attack...

Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability

Wing FTP Server contains an improper neutralization of null byte or NUL character vulnerability that can allow injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default...

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 Wing FTP Server Remote Code Execution RCE Ex...

CVE-2002-2419

Direct connect text client DCTC client 0.83.3 allows remote attackers to cause a denial of service crash via a string ending with a NULL byte character...

SUSE-SU-2023:0527-1 Security update for php8

This update for php8 fixes the following issues: php8 was updated to version 8.0.28: - CVE-2023-0568: Fixed NULL byte off-by-one in phpcheckspecificopenbasedir bnc1208366. - CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body bnc1208367...

SUSE-SU-2023:0514-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2023-0568: Fixed NULL byte off-by-one in phpcheckspecificopenbasedir bnc1208366. - CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body bnc1208367. - CVE-2023-0567: Fixed vulnerability where BCrypt hashes erroneously...