Lucene search
K
Filezilla-projectFilezilla Client

7 matches found

CVE
CVE
added 2023/12/18 12:0 a.m.4901 views

CVE-2023-48795

CVE-2023-48795 is referenced across several connected advisories, detailing affected packages and required upgrades. Astra Linux/CBL-Mariner entries note: podman (<5.6.1-2) needs upgrade, erlang (<25.2-1), libssh2 (<1.11.1-1), libssh (<0.10.6-1), terraform (<1.3.2-25), kubevirt (&l...

5.9CVSS6.7AI score0.9378EPSS
CVE
CVE
added 2024/04/15 12:0 a.m.824 views

CVE-2024-31497

PuTTY versions 0.68–0.80 (before 0.81) are vulnerable to a biased ECDSA nonce issue that can enable an attacker to recover a user’s NIST P-521 private key after observing signatures. The CVE is discussed in multiple advisories and vendor notices (Debian LTS advisory DLA-3839-1, Fedora package upd...

5.9CVSS5.9AI score0.05773EPSS
CVE
CVE
added 2019/04/29 2:13 p.m.170 views

CVE-2019-5429

CVE-2019-5429 affects FileZilla and is caused by an untrusted search path that allows privilege escalation via a malicious ‘fzsftp’ binary placed in a user’s home directory. The vulnerability impacts FileZilla versions before 3.41.0-rc1 and is described in multiple sources (e.g., Debian DLA-3026-...

7.8CVSS7.4AI score0.02484EPSS
CVE
CVE
added 2022/06/07 8:7 p.m.72 views

CVE-2022-29620

FileZilla v3.59.0 is affected by a memory-dump exposure where an attacker can obtain cleartext passwords of connected SSH/FTP servers. This is consistently described across Red Hat, Ubuntu, NVD, CVE records, and CNNVD, all noting the vendor does not consider it a vulnerability or a lack of a publ...

6.5CVSS6.3AI score0.01689EPSS
CVE
CVE
added 2022/07/18 8:35 a.m.60 views

CVE-2016-15003

FileZilla Client 3.17.0.0 is affected by a local unquoted search path vulnerability in the Installer uninstall.exe. The underlying issue is an unquoted path in the uninstall component, which can be exploited to cause elevated access. The available description notes that the attack can be initiate...

7.8CVSS6.9AI score0.00738EPSS
CVE
CVE
added 2025/12/19 9:5 p.m.27 views

CVE-2023-53959

FileZilla Client 3.63.1 is affected by a DLL hijacking flaw: an attacker can place a crafted TextShaping.dll in the application directory to achieve remote code execution when FileZilla is launched. The vulnerability stems from a missing/bad TextShaping.dll that can be replaced with a malicious p...

9.8CVSS7.9AI score0.00733EPSS
CVE
CVE
added 2026/04/05 8:45 p.m.19 views

CVE-2019-25683

FileZilla 3.40.0 is reported vulnerable to a local-denial-of-service in the local search function. A crafted search directory input consisting of 384 'A' characters followed by 'BBBB' and 'CCCC' sequences can crash the application when performing a local search. CVSS data indicates local attack v...

6.9CVSS5.9AI score0.00173EPSS