21 matches found
PT-2026-47655
A Spring MVC or Spring WebFlux application which configures a mapping for "/" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an arbitrary external host via the redirect: prefix. Affected versions: Spring Framework 7.0.0 through...
EUVD-2026-26296
Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting sendfile type to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware constructor or the...
Triggering and Detecting Exploitable Library Vulnerability from the Client by Directed Greybox Fuzzing
Developers utilize third-party libraries to improve productivity, which also introduces potential security risks. Existing approaches generate tests for public functions to trigger library vulnerabilities from client programs, yet they depend on proof-of-concepts (PoCs), which are often unavailable...
Exploit for CVE-2025-9074
CVE-2025-9074 Docker Container Command Execution Tool A power...
EUVD-2020-10006
Malware in sbrugna...
ManageEngine AssetExplorer 7700 < 7710 Privilege Escalation
The version of ManageEngine AssetExplorer installed on the remote host is prior to 7.7 Build 7710. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-8309 advisory. - A privilege escalation vulnerability caused by the overly permissive regular expression (regex) rules in UR...
CVE-2020-18077
A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS)...
Modernizing Your VM Program with Rapid7 Exposure Command: A Path to Effective Continuous Threat Exposure Management
In today’s threat landscape, where cyber-attacks are increasingly sophisticated and pervasive, organizations face the daunting challenge of securing a constantly expanding attack surface. Traditional vulnerability management (VM) programs, while necessary, are no longer sufficient on their own. The...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the fact that two paths may not map GHCB...
Buffer overflow
A buffer overflow vulnerability in the Virtual Path Mapping component of FTPShell v6.83 allows attackers to cause a denial of service (DoS)...
CVE-2020-18077
The CVE-2020-18077 entry concerns FTPShell v6.83, specifically a vulnerability in the Virtual Path Mapping component caused by a buffer overflow. This flaw can be exploited to trigger a denial of service (DoS). The available sources confirm the affected product and the underlying cause (buffer ov...
FTPShell Buffer Error Vulnerability
Codeorigin FtpShell is Codeorigin's reliable end-to-end file transfer solution for Windows-based computer systems. A buffer error vulnerability exists in FTPShell, which stems from a buffer overflow vulnerability in the virtual path mapping component of FTPShell v6.83 that allows an attacker to...
Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template
Security incidents occur. It's not a matter of 'if' but of 'when.' There are security products and procedures that were implemented to optimize the IR process, so from the 'security-professional' angle, things are taken care of. However, many security pros who are doing an excellent job in handli...
FTPShell Server 6.83 Virtual Path Mapping Local Buffer Overflow
!/usr/bin/python Exploit Title: FTP Shell Server 6.83 'Virtual Path Mapping' Buffer Overflow Date: 09-04-2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.ftpshell.com/index.htm Version: 6.83 Software Link : http://www.ftpshell.com/downloadserver.htm Contact:...
FTPShell Server 6.83 - Virtual Path Mapping Local Buffer
FTPShell Server 6.83 - Virtual Path Mapping Local Buffer !/usr/bin/python Exploit Title: FTP Shell Server 6.83 'Virtual Path Mapping' Buffer Overflow Date: 09-04-2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.ftpshell.com/index.htm Version: 6.83 Software Link :...
FTPShell Server 6.83 - Virtual Path Mapping Local Buffer Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: FTP Shell Server 6.83 'Virtual Path Mapping' Buffer Overflow Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.ftpshell.com/index.htm Version: 6.83 Software Link :...
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
!/usr/bin/python Exploit Title: FTP Shell Server 6.83 'Virtual Path Mapping' Buffer Overflow Date: 09-04-2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.ftpshell.com/index.htm Version: 6.83 Software Link : http://www.ftpshell.com/downloadserver.htm Contact:...
CVE-2016-5007
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space...