
12645 matches found

CNNVD
added 2025/05/27 12:0 a.m., 4 views

FreeFloat FTP Server Security Vulnerability

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0, which stems from the failure of the ASCII Command Handler component to properly validate the length size of the input data, and for which no detailed vulnerability...

9.8 CVSS, 7.3 AI score, 0.00588 EPSS
Exploits: 1, References: 4
Packet Storm News
added 2025/05/25 12:0 a.m., 6 views

Evaluating Query Efficiency and Accuracy of Transfer Learning-Based Model Extraction Attack in Federated Learning

Federated Learning (FL) is a collaborative learning framework designed to protect client data, yet it remains highly vulnerable to Intellectual Property (IP) threats. Model extraction (ME) attacks pose a significant risk to Machine Learning as a Service (MLaaS) platforms, enabling attackers to replicate...

6.8 AI score
Exploits: 0
RedhatCVE
added 2025/05/23 9:50 a.m., 9 views

CVE-2024-7744

In WSFTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has bee...

6.5 CVSS, 6.7 AI score, 0.00688 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 9:28 a.m., 5 views

CVE-2024-36059

Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart up to and including version 2.3.5 allows attackers to read/write arbitrary files via the IEC61850 File Transfer protocol...

9.4 CVSS, 7.1 AI score, 0.00742 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 9:23 a.m., 8 views

CVE-2024-29954

A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the...

5.9 CVSS, 6.7 AI score, 0.00114 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 9:10 a.m., 4 views

CVE-2024-21038

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

6.1 CVSS, 5.8 AI score, 0.00346 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 9:3 a.m., 3 views

CVE-2024-5264

Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis...

6.5 CVSS, 6.8 AI score, 0.00365 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 8:4 a.m., 7 views

CVE-2024-51426

An issue in the PepeGxng smart contract which can be run on the Ethereum blockchain allows remote attackers to have an unspecified impact via the transfer function. NOTE: this is disputed by third parties because the impact is limited to function calls...

8.8 CVSS, 7.2 AI score, 0.00478 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 8:2 a.m., 6 views

CVE-2024-29309

An issue in Alfresco Content Services v.23.3.0.7 allows a remote attacker to execute arbitrary code via the Transfer Service...

7.7 CVSS, 8 AI score, 0.00657 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 7:19 a.m., 5 views

CVE-2024-8160

Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files from/to the Axis device. This flaw can only be exploited after authenticati...

3.8 CVSS, 4.7 AI score, 0.00614 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 5:52 a.m., 4 views

CVE-2023-22551

The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc is used but free is not...

7.5 CVSS, 6.8 AI score, 0.01514 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/05/23 5:20 a.m., 2 views

CVE-2023-21943

Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks require human interaction from a...

5.3 CVSS, 5.7 AI score, 0.00513 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 4:58 a.m., 12 views

CVE-2023-6217

In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a reflected cross-site scripting (XSS) vulnerability has been identified when MOVEit Gateway is used in conjunction with MOVEit Transfer. An attacker could craft a malicious payload targeting t...

7.1 CVSS, 5.7 AI score, 0.00511 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 4:57 a.m., 19 views

CVE-2023-6690

A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed i...

3.9 CVSS, 6.8 AI score, 0.00326 EPSS
Exploits: 0
RedhatCVE
added 2025/05/23 4:57 a.m., 6 views

CVE-2023-6803

A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1...

5.8 CVSS, 6.8 AI score, 0.00166 EPSS
Exploits: 0, References: 1
Fedora
added 2025/05/23 3:57 a.m., 10 views

[SECURITY] Fedora 41 Update: zsync-0.6.2-3.fc41

zsync is a file transfer program. It allows you to download a file from a remote server, where you have a copy of an older version of the file on your computer already. zsync downloads only the new parts of the file. It uses the same algorithm as rsync. However, where rsync is designed for...

9.8 CVSS, 9 AI score, 0.04793 EPSS
Exploits: 0
RedhatCVE
added 2025/05/23 3:30 a.m., 7 views

CVE-2023-27105

A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal...

9.8 CVSS, 7 AI score, 0.01339 EPSS
Exploits: 1, References: 1
Fedora
added 2025/05/23 3:26 a.m., 15 views

[SECURITY] Fedora 42 Update: zsync-0.6.2-3.fc42

zsync is a file transfer program. It allows you to download a file from a remote server, where you have a copy of an older version of the file on your computer already. zsync downloads only the new parts of the file. It uses the same algorithm as rsync. However, where rsync is designed for...

9.8 CVSS, 9 AI score, 0.04793 EPSS
Exploits: 0
RedhatCVE
added 2025/05/23 3:17 a.m., 6 views

CVE-2023-27830

TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account...

9 CVSS, 7 AI score, 0.01078 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/05/23 3:10 a.m., 3 views

CVE-2023-21457

Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission...

8.1 CVSS, 6.7 AI score, 0.00168 EPSS
Exploits: 0, References: 1