Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
filezilla filezilla vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2015-10003
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0....
Filezilla-project Filezilla Server
NA
CVE-2005-0850
FileZilla FTP server prior to 0.9.6 allows remote malicious users to cause a denial of service via a request for a filename containing an MS-DOS device name such as CON, NUL, COM1, LPT1, and others.
Filezilla-project Filezilla Server
6.5
CVSSv3
CVE-2022-29620
FileZilla v3.59.0 allows malicious users to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability
Filezilla-project Filezilla Client 3.59.0
7.8
CVSSv3
CVE-2016-15003
A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attac...
Filezilla-project Filezilla Client 3.17.0
NA
CVE-2005-3589
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote malicious users to cause a denial of service (terminal crash) via a long USER ftp command.
Filezilla Filezilla Server Terminal 0.9.4d
1 EDB exploit
7.8
CVSSv3
CVE-2019-5429
Untrusted search path in FileZilla prior to 3.41.0-rc1 allows an malicious user to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
Filezilla-project Filezilla Client
Debian Debian Linux 9.0
Fedoraproject Fedora 28
5.9
CVSSv3
CVE-2024-31497
In PuTTY 0.68 up to and including 0.80 prior to 0.81, biased ECDSA nonce generation allows an malicious user to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to ...
Putty Putty
Filezilla-project Filezilla Client
Winscp Winscp
Tortoisegit Tortoisegit
Tigris Tortoisesvn
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
4 Github repositories
2 Articles
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
9 Github repositories
1 Article
NA
CVE-2013-4852
Integer overflow in PuTTY 0.62 and previous versions, WinSCP prior to 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an...
Winscp Winscp 5.1.1
Winscp Winscp 5.0.6
Winscp Winscp 4.3.2
Winscp Winscp 5.0.9
Winscp Winscp 5.0.7
Winscp Winscp 3.8 Beta
Winscp Winscp 5.0.5
Winscp Winscp 5.1.4
Winscp Winscp 5.1.2
Winscp Winscp 4.2.7
Winscp Winscp
Winscp Winscp 4.0.4
Winscp Winscp 4.3.9
Winscp Winscp 4.2.9
Winscp Winscp 4.3.6
Winscp Winscp 4.3.7
Winscp Winscp 4.2.6
Winscp Winscp 5.0.2
Winscp Winscp 4.2.8
Winscp Winscp 3.8.2
Winscp Winscp 4.4.0
Winscp Winscp 4.3.4
NA
CVE-2013-4206
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY prior to 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing ...
Putty Putty 0.50
Putty Putty 0.49
Putty Putty 0.51
Simon Tatham Putty 0.53
Putty Putty 0.55
Simon Tatham Putty
Putty Putty 0.53b
Putty Putty 0.52
Putty Putty 0.48
Putty Putty 0.54
Putty Putty 0.45
Putty Putty 0.46
Putty Putty 0.47
Putty Putty 0.56
Putty Putty 0.57
Putty Putty 0.58
Putty Putty 0.59
Putty Putty 0.60
Putty Putty 0.61
Putty Putty 2010-06-01
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »