CLSA-2026-1779279626 vim: Fix of CVE-2026-42307

CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...

EUVD-2008-6145

Malware in sbrugna...

EUVD-2001-0800

Malware in sbrugna...

CVE-2021-31358

A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allow...

PT-2021-19258 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 20.4R2-S2-EVO Juniper Networks Junos OS Evolved version 21.1 versions prior to 21.1R2-EVO Juniper Networks Junos OS Evolved version 21.2 versions prior to 21.2R1-S1-EVO, 21.2R2-EVO...

Juniper Networks Junos OS 操作系统操作系统命令注入漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS suffers from an operating system command injection vulnerability that stems from a command...

CVE-2021-1145 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability

A vulnerability in the Secure FTP SFTP of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The...

Buffer overflow

Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service crash and execute arbitrary code via a long 1 open, 2 unlink, 3 mkdir, 4 rmdir, or 5 stat SFTP command...

CVE-2008-6899

Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service crash and execute arbitrary code via a long 1 open, 2 unlink, 3 mkdir, 4 rmdir, or 5 stat SFTP command...

Command injection

SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of service application crash via a crafted argument to the opendir SFTP command...

CVE-2008-6175

SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of service application crash via a crafted argument to the opendir SFTP command...

CVE-2008-6175

SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of service application crash via a crafted argument to the opendir SFTP command...

CVE-2008-6175

SilverSHielD 1.0.2.34 is affected by CVE-2008-6175. The vulnerability allows a remote attacker to cause an application crash (DoS) by sending a crafted argument to the opendir SFTP command. The NVD entry lists a CVSSv2 base score of 5.0 (Medium) with network attack vector and minimal authenticati...

freeSSHd SFTP命令远程缓冲区溢出漏洞

BUGTRAQ ID: 32972 freeSSHd是一款免费的SSH服务程序。 freeSSHd SFTP命令存在多个缓冲区溢出，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击，也可以以运行此程序的用户进程权限执行任意代码。 freeSSHd 1.2.1 目前没有解决方案提供： http://freesshd.com/ FreeSSHd Multiple Remote Stack Overflow Vulnerabilities. Version : 1.2.1 Advisory: http://www.bmgsec.com.au/advisory/42/ Discovered &...

GoodTech SSH Server多个SFTP命令栈溢出漏洞

BUGTRAQ ID: 31879 GoodTech SSH Server是运行在Windows系统上的服务器应用，允许远程用户安全的访问主机。 GoodTech SSH Server在处理用户请求时存在漏洞，如果远程攻击者向服务器发送了带有超长字符串参数的SFTP open、opendir或unlink命令的话，就可能触发栈溢出，导致在服务器上执行任意指令。 GoodTech SSH Server 6.4 GoodTech -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.goodtechsys.co...

freeSSHd SFTP命令栈溢出漏洞

BUGTRAQ ID: 29453 freeSSHd是免费的SSH服务器实现。 freeSSHd在处理SFTP命令时存在栈溢出漏洞，如果远程攻击者可以SFTP访问服务器并通过SFTP命令请求了带有超长名称的目录的话，就可以触发这个溢出，导致执行任意指令。 Kresimir Grofelnik freeSSHd 1.2.1 Kresimir Grofelnik ------------------ 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.freesshd.com/...