Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Filezilla Security Vulnerabilities

cve
cve

CVE-2005-2898

NOTE: this issue has been disputed by the vendor. FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses a weak encryption scheme to store the user's password in the configuration settings file, which allows local users to obtain sensitive information....

6.7AI Score

0.0004EPSS

2005-09-14 08:03 PM
28
cve
cve

CVE-2005-3589

Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.

7.2AI Score

0.559EPSS

2005-11-16 07:42 AM
39
cve
cve

CVE-2006-2173

Buffer overflow in FileZilla FTP Server 2.2.22 allows remote authenticated attackers to cause a denial of service and possibly execute arbitrary code via a long (1) PORT or (2) PASS followed by the MLSD command, or (2) the remote server interface, as demonstrated by the Infigo FTPStress Fuzzer.

7.7AI Score

0.052EPSS

2006-05-04 12:38 PM
29
cve
cve

CVE-2006-2403

Buffer overflow in FileZilla before 2.2.23 allows remote attackers to execute arbitrary commands via unknown attack vectors.

7.8AI Score

0.016EPSS

2006-05-16 01:02 AM
29
cve
cve

CVE-2006-6564

FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a malformed argument to the STOR command, which results in a NULL pointer dereference. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command.

6.6AI Score

0.013EPSS

2006-12-15 11:28 AM
27
cve
cve

CVE-2007-0315

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of...

8AI Score

0.036EPSS

2007-01-18 12:28 AM
30
cve
cve

CVE-2007-0317

Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information.

7.7AI Score

0.027EPSS

2007-01-18 12:28 AM
63
cve
cve

CVE-2007-2318

Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information.

7.7AI Score

0.033EPSS

2007-04-26 09:19 PM
50
cve
cve

CVE-2015-10003

A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to add...

4.3CVSS

4.6AI Score

0.001EPSS

2022-07-17 07:15 AM
52
5
cve
cve

CVE-2019-5429

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.

7.8CVSS

7.4AI Score

0.002EPSS

2019-04-29 03:29 PM
60