43 matches found
AZL-57428 CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
AZL-57289 CVE-2025-22869 affecting package cri-o 1.30.1-1
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
AZL-57350 CVE-2025-22869 affecting package telegraf for versions less than 1.31.0-7
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
AZL-57401 CVE-2025-22869 affecting package moby-engine for versions less than 25.0.3-11
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
AZL-57369 CVE-2025-22869 affecting package kubevirt for versions less than 1.2.0-15
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
AZL-57434 CVE-2025-22869 affecting package moby-compose for versions less than 2.17.3-10
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
GO-2025-3487 Potential denial of service in golang.org/x/crypto
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
SSH id_rsa File Detected
A SSH idrsa file have been detected on the target web application. This key can be used to gain unauthorized access to the server. No source data...
Xlight FTP 输入验证错误漏洞
Xlight FTP is a high performance and easy to use FTP server software from Xlight FTP Inc. Make file transfers secure and easy to use. A security vulnerability exists in Xlight FTP versions prior to 3.9.4.3 that stems from an integer overflow in the SFTP server packet parsing logic, which could le...
[SECURITY] Fedora 39 Update: filezilla-3.67.0-1.fc39
FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFTP - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...
The vulnerability of the /api/upload component of the software platform zdir, which allows a perpetrator to execute arbitrary code.
The vulnerability of the /api/upload component in the zdir application exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a specially created .ssh fil...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a missing allocation check in sftp server processing read requests. A malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which is not being checked for failure. For...
UBUNTU-CVE-2023-27534
A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...
CVE-2023-23314
An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...
CVE-2023-23314
An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...
CVE-2023-23314
An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...
CVE-2023-23314
An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...
CVE-2022-38337
When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...
openssh bug fix update
An update is available for openssh. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...