Lucene search
K

2225 matches found

Metasploit
Metasploit
added 4 days ago14 views

TFTP Fetch, Linux dup2 Command Shell, Reverse TCP Stager

Fetch and execute an RISC-V 64-bit payload from a TFTP server. dup2 socket in s1, then execve. Connect back to the attacker Module Options msf use payload/cmd/linux/tftp/riscv64le/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf...

6.2AI score
Exploits0
OSV
OSV
added 2026/06/24 1:11 p.m.4 views

OESA-2026-2705 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...

2.3CVSS5.8AI score0.00461EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 1:11 p.m.8 views

OESA-2026-2704 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...

9.4CVSS5.8AI score0.00644EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/19 2:16 p.m.31 views

CVE-2020-37250 TFTP Broadband 4.3.0.1465 Unquoted Service Path Privilege Escalation

TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during servi...

8.5CVSS0.00119EPSS
Exploits0References3
CVE
CVE
added 2026/06/19 2:16 p.m.15 views

CVE-2020-37250

CVE-2020-37250 affects TFTP Broadband 4.3.0.1465 where the unquoted service path in the tftpt.exe service binary enables local privilege escalation to LocalSystem by placing a malicious executable in the Program Files path that is executed at service startup or system reboot. The vulnerability is...

8.5CVSS6.2AI score0.00119EPSS
Exploits0References3
Hacker One
Hacker One
added 2026/06/02 9:6 a.m.25 views

curl: TFTP upload ignores --continue-at / CURLOPT_RESUME_FROM and leaks skipped local file prefix

Summary TFTP uploads ignore the configured resume offset. When a caller runs curl -C N -T file tftp://... or uses libcurl with CURLOPTUPLOAD and CURLOPTRESUMEFROM, curl should skip the first N bytes of the local source before uploading. Instead, the TFTP code sends the complete local file from by...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libssh

In libssh 0.9.4, there is a NULL pointer dereferencing in tftpserver.c if sshbuffernew returns NULL...

5.9CVSS6.6AI score0.04105EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libslirp

An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the tftpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘tftpt’ structure. This issue may lead to out-of-bounds read access or...

3.8CVSS6.7AI score0.00326EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/05/19 11:56 a.m.10 views

Security update for erlang26

This update for erlang26 fixes the following issues Security issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681...

9.1CVSS7.2AI score0.00644EPSS
Exploits0References26
Debian
Debian
added 2026/05/19 12:7 a.m.16 views

[SECURITY] [DLA 4590-1] erlang security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4590-1 [email protected] https://www.debian.org/lts/security/ Lucas Kanashiro May 18, 2026 https://wiki.debian.org/LTS -...

9.4CVSS7.1AI score0.00644EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/18 6:37 a.m.13 views

Security Bulletin: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp

Summary Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.8AI score0.00461EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.17 views

SUSE SLES15 Security Update : erlang (SUSE-SU-2026:1714-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1714-1 advisory. - CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. - CVE-2026-23941: HTTP Request Smuggling...

9.8CVSS6AI score0.00644EPSS
Exploits0References16
OSV
OSV
added 2026/05/08 11:36 a.m.8 views

CLSA-2026-1778223262 curl: Fix of 3 CVEs

CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...

9.8CVSS7AI score0.17939EPSS
Exploits0References1
CloudLinux
CloudLinux
added 2026/05/08 11:36 a.m.11 views

curl: Fix of 3 CVEs

CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...

9.8CVSS7AI score0.17939EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.17 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...

6.8CVSS6AI score0.00276EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/05/06 12:8 p.m.10 views

Security update for erlang

This update for erlang fixes the following issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. CVE-2026-23943: denia...

9.1CVSS7.2AI score0.00644EPSS
Exploits0References20
OSV
OSV
added 2026/05/06 12:8 p.m.5 views

SUSE-SU-2026:1714-1 Security update for erlang

This update for erlang fixes the following issues: - CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. - CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. - CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. - CVE-2026-2394...

9.8CVSS7.2AI score0.00644EPSS
Exploits0References11
OSV
OSV
added 2026/05/05 9:18 p.m.10 views

CLSA-2026-1777877363 curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

7.8CVSS6.6AI score0.49739EPSS
Exploits1References1
CloudLinux
CloudLinux
added 2026/05/05 9:18 p.m.15 views

curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

7.8CVSS6.8AI score0.49739EPSS
Exploits1
OSV
OSV
added 2026/05/04 7:0 a.m.8 views

CLSA-2026-1777878036 curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

7.8CVSS6.8AI score0.49739EPSS
Exploits1References1
Rows per page
Query Builder