Lucene search
K

43 matches found

OSV
OSV
added 2025/02/26 8:14 a.m.17 views

AZL-57428 CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 8:14 a.m.7 views

AZL-57289 CVE-2025-22869 affecting package cri-o 1.30.1-1

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 8:14 a.m.9 views

AZL-57350 CVE-2025-22869 affecting package telegraf for versions less than 1.31.0-7

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 8:14 a.m.15 views

AZL-57401 CVE-2025-22869 affecting package moby-engine for versions less than 25.0.3-11

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 8:14 a.m.8 views

AZL-57369 CVE-2025-22869 affecting package kubevirt for versions less than 1.2.0-15

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 8:14 a.m.10 views

AZL-57434 CVE-2025-22869 affecting package moby-compose for versions less than 2.17.3-10

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 2:51 a.m.9 views

GO-2025-3487 Potential denial of service in golang.org/x/crypto

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.7AI score0.00868EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/29 12:0 a.m.8 views

SSH id_rsa File Detected

A SSH idrsa file have been detected on the target web application. This key can be used to gain unauthorized access to the server. No source data...

7.6AI score
Exploits0References1
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.4 views

Xlight FTP 输入验证错误漏洞

Xlight FTP is a high performance and easy to use FTP server software from Xlight FTP Inc. Make file transfers secure and easy to use. A security vulnerability exists in Xlight FTP versions prior to 3.9.4.3 that stems from an integer overflow in the SFTP server packet parsing logic, which could le...

9.8CVSS7AI score0.01115EPSS
Exploits0References2
Fedora
Fedora
added 2024/04/18 1:12 a.m.25 views

[SECURITY] Fedora 39 Update: filezilla-3.67.0-1.fc39

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFTP - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

5.9CVSS5.7AI score0.05773EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.3 views

The vulnerability of the /api/upload component of the software platform zdir, which allows a perpetrator to execute arbitrary code.

The vulnerability of the /api/upload component in the zdir application exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a specially created .ssh fil...

9CVSS8.1AI score0.01226EPSS
Exploits1References3Affected Software1
Snyk
Snyk
added 2023/07/23 12:52 p.m.5 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a missing allocation check in sftp server processing read requests. A malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which is not being checked for failure. For...

6.5CVSS7AI score0.00767EPSS
Exploits0References2
OSV
OSV
added 2023/03/20 12:0 a.m.4 views

UBUNTU-CVE-2023-27534

A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...

8.8CVSS7.1AI score0.02195EPSS
Exploits1References4
NVD
NVD
added 2023/01/23 5:15 a.m.14 views

CVE-2023-23314

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...

8.8CVSS8.8AI score0.01226EPSS
Exploits1References1
Prion
Prion
added 2023/01/23 5:15 a.m.17 views

Design/Logic Flaw

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...

6.5CVSS8.8AI score0.01226EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/23 12:0 a.m.6 views

CVE-2023-23314

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...

8AI score0.01226EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/01/23 12:0 a.m.16 views

CVE-2023-23314

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...

9AI score0.01226EPSS
Exploits1References1
OSV
OSV
added 2023/01/23 12:0 a.m.13 views

CVE-2023-23314

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...

8.8CVSS7.7AI score0.01226EPSS
Exploits1References3
OSV
OSV
added 2022/12/06 12:15 a.m.4 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...

9.1CVSS5.8AI score0.00729EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2022/09/20 11:38 a.m.18 views

openssh bug fix update

An update is available for openssh. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...

1AI score
Exploits0
Rows per page
Query Builder