Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
filezilla filezilla vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-15003
A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attac...
Filezilla-project Filezilla Client 3.17.0
7.8
CVSSv3
CVE-2019-5429
Untrusted search path in FileZilla prior to 3.41.0-rc1 allows an malicious user to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
Filezilla-project Filezilla Client
Debian Debian Linux 9.0
Fedoraproject Fedora 28
7.5
CVSSv3
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
307 Github repositories
4 Articles
6.5
CVSSv3
CVE-2022-29620
FileZilla v3.59.0 allows malicious users to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability
Filezilla-project Filezilla Client 3.59.0
5.9
CVSSv3
CVE-2024-31497
In PuTTY 0.68 up to and including 0.80 prior to 0.81, biased ECDSA nonce generation allows an malicious user to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to ...
Putty Putty
Filezilla-project Filezilla Client
Winscp Winscp
Tortoisegit Tortoisegit
Tigris Tortoisesvn
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
4 Github repositories
2 Articles
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
4.3
CVSSv3
CVE-2015-10003
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0....
Filezilla-project Filezilla Server
NA
CVE-2013-4206
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY prior to 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing ...
Simon Tatham Putty 0.53
Putty Putty 0.52
Putty Putty 0.51
Putty Putty 0.50
Putty Putty 0.61
Putty Putty 0.60
Putty Putty 0.59
Putty Putty 0.58
Putty Putty 0.57
Putty Putty 0.45
Putty Putty 2010-06-01
Simon Tatham Putty
Putty Putty 0.55
Putty Putty 0.53b
Putty Putty 0.49
Putty Putty 0.47
Putty Putty 0.56
Putty Putty 0.54
Putty Putty 0.48
Putty Putty 0.46
NA
CVE-2013-4852
Integer overflow in PuTTY 0.62 and previous versions, WinSCP prior to 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an...
Winscp Winscp 5.1.4
Winscp Winscp 5.1.3
Winscp Winscp 5.1.2
Winscp Winscp 5.1.1
Winscp Winscp 4.3.8
Winscp Winscp 4.3.7
Winscp Winscp 4.3.6
Winscp Winscp 3.7.6
Winscp Winscp 5.0.6
Winscp Winscp 5.0.5
Winscp Winscp 5.0.4
Winscp Winscp 5.0.3
Winscp Winscp 5.0.2
Winscp Winscp 4.2.6
Winscp Winscp 4.2.7
Winscp Winscp 4.2.8
Winscp Winscp 4.2.9
Winscp Winscp 5.0.9
Winscp Winscp 5.0.7
Winscp Winscp 5.0
Winscp Winscp 4.3.9
Winscp Winscp 3.8.2
NA
CVE-2013-4207
Buffer overflow in sshbn.c in PuTTY prior to 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum fun...
Putty Putty 0.57
Putty Putty 0.56
Putty Putty 0.55
Putty Putty 0.54
Putty Putty 0.53b
Simon Tatham Putty
Putty Putty 0.49
Putty Putty 0.48
Putty Putty 0.47
Putty Putty 0.46
Putty Putty 0.60
Putty Putty 0.58
Putty Putty 0.52
Putty Putty 0.50
Putty Putty 0.45
Putty Putty 0.61
Putty Putty 0.59
Simon Tatham Putty 0.53
Putty Putty 0.51
Putty Putty 2010-06-01
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »