3083 matches found
CVE-2016-1000282
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/smtp/haraka.py 2019-02-05 20:22:28+00:00| seen| https://t.me/cibsecurity/2401...
CVE-2010-20107
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/ftpsynchlistreply.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
CVE-2025-34110
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ftp/coloradoftptraversal.rb 2025-10-23 21:13:04+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
ALPINE-CVE-2018-1000300
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This...
SAP Internet Graphics Server HTTP and RFC listener denial of service vulnerability
SAP Internet Graphics Server IGS is a graphics server from SAP, Germany. The product is able to generate graphs or charts in different areas.HTTP is one of the hypertext transfer protocols; RFC listener is one of the RFC listener. A security vulnerability exists in HTTP and RFC listener in SAP IG...
mySCADA myPRO File Upload Vulnerability
mySCADA myPRO is an industrial visualization control system from mySCADA Technologies, Czech Republic. A security vulnerability exists in the file 'myscadagate.exe' in mySCADA myPRO version 7, which originates from the program's use of a hard-coded FTP account username: myscada, password: Vikuk63...
CVE-2018-11311
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials...
FTP shutdown response buffer overflow
curl might overflow a heap based memory buffer when closing down an FTP connection with long server command replies. When doing FTP transfers, curl keeps a spare "closure handle" around internally that is used when an FTP connection gets shut down since the original curl easy handle is then alrea...
CVE-2018-7505
In Advantech WebAccess versions V8.220170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the web application...
Lenovo Help Android mobile app information disclosure vulnerability
Lenovo Help Android is an Android-based mobile application from Lenovo, a Chinese company, for getting support for Lenovo products. A security vulnerability exists in the Lenovo Help Android mobile application prior to version 6.1.2.0327, which can be exploited to obtain information over an HTTP...
The vulnerability of the FTP URI processor of the software tool for interacting with servers via cURL allows a hacker to induce a service failure.
The vulnerability of the FTP URI handler of the software interface to interactions with servers via cURL arises due to buffer overflows. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
CVE-2018-2879
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware subcomponent: Authentication Engine. Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2018-2849
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 16.2 and 17.1 - 17.12. Easily exploitable vulnerability allows low privileged attacker with network...
MikroTik FTP Daemon Denial of Service Vulnerability
MikroTik is a set of routing operating system based on Linux core development of Latvian MikroTik company. The system turns a PC computer into a professional router. A security vulnerability exists in MikroTik version 6.41.4. A remote attacker can exploit the vulnerability to prevent the router...
The vulnerability of the FTPShell Client, related to the execution of operations beyond the buffer boundaries in memory, allows a perpetrator to execute arbitrary code or cause the application to terminate abnormally.
The vulnerability of the FTPShell Client FTP client is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause the application to terminate abnormally by sending a specially crafted...
Arbitrary File Write
Amendment This was deemed not a vulnerability. Overview org.apache.hive:hive-common is a reading, writing, and managing large datasets residing in distributed storage using SQL. Affected versions of this package are vulnerable to Arbitrary File Write via the File Transfer Protocol FTP client...
Arbitrary File Write
Overview org.apache.hive:hive-hplsql is a data warehouse software facilitates reading, writing, and managing large datasets residing in distributed storage using SQL. Affected versions of this package are vulnerable to Arbitrary File Write via the File Transfer Protocol FTP client functionality...
Weak Encryption Algorithm Vulnerability in Various Schneider Electric Products
Schneider Electric Modicon Premium\Modicon Quantum\Modicon M340\Modicon BMXNOR0200 are programmable controllers from Schneider Electric, France. A weak cryptographic algorithm vulnerability exists in various Schneider Electric products, which stems from the FTP server not limiting the length of...
Schneider Electric uses hard-coded certificate vulnerability in several products
Schneider Electric Modicon Premium\Modicon Quantum\Modicon M340\Modicon BMXNOR0200 are programmable controllers from Schneider Electric, France. A hard-coded certificate vulnerability exists in various Schneider Electric products, which stems from an FTP server containing a hard-coded account tha...
Stack Buffer Overflow Vulnerability in Various Schneider Electric Products
Schneider Electric Modicon Premium\Modicon Quantum\Modicon M340\Modicon BMXNOR0200 are programmable controllers from Schneider Electric, France. A stack buffer overflow vulnerability exists in various Schneider Electric products, which stems from the FTP server not limiting the length of the...