Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure file transfer vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2017-5246
Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces ({{ }}). This expression will be evaluated by any other authentic...
Biscom Secure File Transfer -
3.5
CVSSv2
CVE-2017-5247
Biscom Secure File Transfer is vulnerable to cross-site scripting in the File Name field. An authenticated user with permissions to upload or send files can populate this field with a filename that contains standard HTML scripting tags. The resulting script will evaluated by any ...
Biscom Secure File Transfer -
9
CVSSv2
CVE-2009-4646
Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string.
Accellion Secure File Transfer Appliance
4.3
CVSSv2
CVE-2008-3850
Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html.
Accellion Secure File Transfer Appliance 7 0 135
1 EDB exploit
5
CVSSv2
CVE-2021-33037
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ign...
Apache Tomcat
Apache Tomee 8.0.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Sd-wan Edge 9.0
Oracle Managed File Transfer 12.2.1.4.0
Oracle Secure Global Desktop 5.6
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Session Route Manager
Oracle Mysql Enterprise Monitor
Oracle Communications Session Report Manager
Oracle Sd-wan Edge 9.1
Oracle Utilities Testing Accelerator 6.0.0.2.2
Oracle Utilities Testing Accelerator 6.0.0.3.1
Oracle Utilities Testing Accelerator 6.0.0.1.1
5
CVSSv2
CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lea...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Workload Manager 18c
Oracle Workload Manager 19c
3 Github repositories
7.5
CVSSv2
CVE-2003-0962
Heap-based buffer overflow in rsync prior to 2.5.7, when running in server mode, allows remote malicious users to execute arbitrary code and possibly escape the chroot jail.
Andrew Tridgell Rsync 2.4.4
Andrew Tridgell Rsync 2.4.5
Andrew Tridgell Rsync 2.5.5
Andrew Tridgell Rsync 2.5.6
Engardelinux Secure Community 1.0.1
Engardelinux Secure Community 2.0
Andrew Tridgell Rsync 2.4.1
Andrew Tridgell Rsync 2.4.3
Andrew Tridgell Rsync 2.5.2
Andrew Tridgell Rsync 2.5.3
Andrew Tridgell Rsync 2.5.4
Redhat Rsync 2.5.5-1
Redhat Rsync 2.5.5-4
Andrew Tridgell Rsync 2.3.1
Andrew Tridgell Rsync 2.4.6
Andrew Tridgell Rsync 2.4.8
Redhat Rsync 2.4.6-2
Redhat Rsync 2.4.6-5
Engardelinux Secure Linux 1.1
Engardelinux Secure Linux 1.2
Andrew Tridgell Rsync 2.3.2
Andrew Tridgell Rsync 2.4.0
4
CVSSv2
CVE-2019-12693
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variab...
Cisco Adaptive Security Appliance
Cisco Adaptive Security Appliance Software
8.5
CVSSv2
CVE-2021-34718
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote malicious user to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user ...
Cisco Ios Xr
5
CVSSv2
CVE-2009-0432
The installation process for the File Transfer servlet in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.1.x prior to 6.1.0.19 does not enable the secure version, which allows remote malicious users to obtain sensitive information via unspe...
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »