Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ftp service vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-6880
Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote malicious users to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command.
Cerberus Cerberus Ftp Server 8.0.10.3
1 EDB exploit
9.8
CVSSv3
CVE-2015-7261
The FTP service in QNAP iArtist Lite prior to 1.4.54, as distributed with QNAP Signage Station prior to 2.0.1, has hardcoded credentials, which makes it easier for remote malicious users to obtain access via a session on TCP port 21.
Qnap Iartist Lite
Qnap Signage Station
9.6
CVSSv3
CVE-2017-10346
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network ...
Oracle Jdk 1.9.0
Oracle Jre 1.9.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Satellite 5.8
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Eus 7.6
1 Article
9.1
CVSSv3
CVE-2021-22945
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
Haxx Libcurl
Fedoraproject Fedora 33
Fedoraproject Fedora 35
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Oracle Mysql Server
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
Apple Macos
Siemens Sinec Ins
Debian Debian Linux 11.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
9.1
CVSSv3
CVE-2021-22704
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions prior...
Schneider-electric Vijeo Designer
Schneider-electric Ecostruxure Machine Expert
Schneider-electric Ecostruxure Machine Expert 2.0
9.1
CVSSv3
CVE-2018-16842
Curl versions 7.14.1 up to and including 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
Haxx Curl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.1
CVSSv3
CVE-2018-15485
An issue exists on KONE Group Controller (KGC) devices prior to 4.6.5. FTP does not require authentication or authorization, aka KONE-03.
Kone Group Controller Firmware
9.1
CVSSv3
CVE-2018-15486
An issue exists on KONE Group Controller (KGC) devices prior to 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02.
Kone Group Controller Firmware
8.8
CVSSv3
CVE-2023-27534
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's h...
Haxx Curl
Fedoraproject Fedora 36
Netapp Active Iq Unified Manager -
Broadcom Brocade Fabric Operating System Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
8.8
CVSSv3
CVE-2021-41635
When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote malicious users to abuse misconfigurations or vulnerabilities with administrative access over the entire host system.
Melag Ftp Server 2.2.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »