Lucene search
K

1809 matches found

CVE
CVE
added 6 days ago20 views

CVE-2026-10699

CVE-2026-10699 affects Progress MOVEit Transfer (Custom Reports modules) with a memory leak caused by missing release of memory after its effective lifetime. Affects MOVEit Transfer versions: 2025.0.0–before 2025.0.8, 2025.1.0–before 2025.1.4, and 2026.0.0–before 2026.0.1. The issue can lead to d...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-10699 Memory leak in SFTP service can result in a denial of service in MOVEit Transfer

Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...

7.5CVSS0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 6 days ago4 views

CVE-2026-59997

A flaw was found in OpenSSH. The internal-sftp component within sshd incorrectly processes command-line arguments, recognizing only the first nine. This limitation can prevent the application of intended security configurations for SFTP SSH File Transfer Protocol connections, potentially leading ...

5.4CVSS5.9AI score0.00177EPSS
Exploits0References6
OSV
OSV
added 6 days ago4 views

DEBIAN-CVE-2026-59997

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...

5.4CVSS6AI score0.00177EPSS
Exploits0References1
NVD
NVD
added 6 days ago8 views

CVE-2026-59995

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

5.4CVSS0.00241EPSS
Exploits0References3
NVD
NVD
added 6 days ago7 views

CVE-2026-59997

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...

5.4CVSS0.00177EPSS
Exploits0References3
OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-59997

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...

5.4CVSS6.1AI score0.00177EPSS
Exploits0References4
OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-59995

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

5.4CVSS6.1AI score0.00241EPSS
Exploits0References4
CVE
CVE
added 6 days ago81 views

CVE-2026-59997

The CVE affects OpenSSH’s internal-sftp helper invoked by sshd, where the process only parses the first 9 command-line arguments. This is tied to OpenSSH before version 10.4. According to the description, this could undermine intended security properties of an SFTP connection if a later argument ...

5.4CVSS6AI score0.00177EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 6 days ago5 views

CVE-2026-59997

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...

5.4CVSS5.9AI score0.00177EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago122 views

CVE-2026-59997

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...

4.2CVSS0.00177EPSS
Exploits0References3
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-59995

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

5.4CVSS6AI score0.00241EPSS
Exploits0
AlpineLinux
AlpineLinux
added 6 days ago5 views

CVE-2026-59995

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

5.4CVSS5.9AI score0.00241EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42137

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

4.2CVSS6AI score0.00241EPSS
Exploits0References3
CVE
CVE
added 6 days ago108 views

CVE-2026-59995

OpenSSH sftp (client) vulnerability CVE-2026-59995 affects OpenSSH versions older than 10.4. The issue arises when using SFTP with an attacker-controlled server and the command "sftp server:/path .", where the client does not properly constrain the location where downloaded files can be placed. T...

5.4CVSS6AI score0.00241EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-59995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when sftp server:/path . is used with an attacker-controlled server...

5.4CVSS6.1AI score0.00241EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-59997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would...

5.4CVSS6.1AI score0.00177EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/06 10:8 p.m.6 views

CVE-2026-12064

A flaw was found in curl. When a user invokes curl with a schemeless URL and specifies SFTP SSH File Transfer Protocol or SCP Secure Copy Protocol as the default protocol, the tool layer fails to initialize critical SSH security options. This bypasses host verification, allowing curl to connect t...

7.5CVSS5.9AI score0.00574EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/07/06 3:25 p.m.7 views

CVE-2026-5268

An authentication bypass vulnerability exists in the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass security controls and gain unauthorized access to the underlying filesystem. Successful exploitation...

9.1CVSS6AI score0.0042EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 3:25 p.m.36 views

CVE-2026-5268 SFTP Server Authentication Weakness

An authentication bypass vulnerability exists in the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass security controls and gain unauthorized access to the underlying filesystem. Successful exploitation...

0.0042EPSS
Exploits0References1
Rows per page
Query Builder