CVE-2010-20122 Xftp FTP Client <= 3.0 PWD Response Buffer Overflow
Xftp FTP Client versions up to and including 3.0 build 0238 contain a stack-based buffer overflow vulnerability triggered by a maliciously crafted PWD response from an FTP server. When the client connects to a server and receives an overly long directory string in response to the PWD command, the...
CVE-2010-20112
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including...
CVE-2010-20115 Vermillion FTP <= 1.31 Daemon PORT Command Memory Corruption
Arcane Software’s Vermillion FTP Daemon vftpd versions up to and including 1.31 contain a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and...
CVE-2010-20007
CVE-2010-20007 concerns Seagull FTP Client
CVE-2010-20007 Seagull FTP v3.3 Build 409 Stack Buffer Overflow
Seagull FTP Client = v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly...
CVE-2010-20034
Gekko Manager FTP Client = 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename can overwrite the...
CVE-2010-20108
CVE-2010-20108 affects FTPPad
CVE-2010-20107
CVE-2010-20107 describes a stack-based buffer overflow in FTP Synchronizer Professional prior to or equal to 4.0.73.274. When the client issues a LIST command, a server response containing an overly long filename can overflow the buffer and corrupt the Structured Exception Handler (SEH), potentia...
CVE-2010-20113 EasyFTP Server list.html path Stack Buffer Overflow
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes a buffer overflow on the...
CVE-2010-20112
CVE-2010-20112 affects Amlib NetOpacs webquery.dll. The vulnerability is a stack-based buffer overflow triggered by improper handling of HTTP GET parameters, where bounds on the app parameter are not enforced, allowing data to overwrite memory structures including the SEH. Malformed parameter nam...
Smuggling Requests with Chunked Extensions: A New HTTP Desync Trick
A new HTTP request smuggling technique was recently discovered, where attackers take advantage of inconsistent parsing behaviors between front-end proxy servers and back-end application servers. This attack technique leverages ambiguous request formatting to inject malicious secondary requests th...
PT-2025-34303 · Unknown · Seagull Ftp Client
Name of the Vulnerable Software and Affected Versions: Seagull FTP Client version 3.3 build 409 Description: Seagull FTP Client contains a stack-based buffer overflow in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command...
INFINITT PACS System Manager Code Issue Vulnerability
INFINITT PACS System Manager is a medical image archiving and transfer system from INFINITT Corporation. A code issue vulnerability exists in INFINITT PACS System Manager that originates from uploading an arbitrary file, which could lead to a system compromise...
Gekko Manager FTP Client Security Vulnerability
Gekko Manager FTP Client is an FTP client software from Gekko Manager, Inc. A security vulnerability exists in Gekko Manager FTP Client version 0.77 and prior versions, which originates from the FTP directory listing parser not validating the length of filenames, and could lead to a stack buffer...
PT-2025-34306 · Ftppad · Ftppad
Name of the Vulnerable Software and Affected Versions: FTPPad versions prior to 1.3.0 Description: FTPPad contains a stack-based buffer overflow in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessive...
PT-2025-34311 · Sftpclient · Xftp Client
Name of the Vulnerable Software and Affected Versions: Xftp FTP Client versions through 3.0 build 0238 Description: Xftp FTP Client versions up to and including 3.0 build 0238 contain a stack-based buffer overflow vulnerability. This issue is triggered by a maliciously crafted PWD response from a...
PT-2025-34305 · Unknown · Ftp Synchronizer Professional
Name of the Vulnerable Software and Affected Versions: FTP Synchronizer Professional versions prior to 4.0.73.274 Description: A stack-based buffer overflow exists in FTP Synchronizer Professional when the client connects to an FTP server and issues a LIST command. A server response containing an...
Seagull FTP Client Security Vulnerability
Seagull FTP Client is an FTP client software from Seagull USA. A security vulnerability exists in Seagull FTP Client v3.3 Build 409 and earlier versions, which stems from the FTP directory listing parser not validating the length of filenames, and could lead to a stack buffer overflow and executi...
Linux Distros Unpatched Vulnerability : CVE-2010-3494
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via malformed HTTP/2 control frames that manipulate the RST_STREAM process. An attacker can exhaust server resources and disrupt service availability by rapidly sending specially craft...