Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pasv vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-4189
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an malicious user to set up a malicious FTP server that can tric...
Python Python
Python Python 3.10.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Netapp Ontap Select Deploy Administration Utility -
6.5
CVSSv3
CVE-2021-37533
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage o...
Apache Commons Net
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
7.4
CVSSv3
CVE-2021-32066
An issue exists in Ruby up to and including 2.6.7, 2.7.x up to and including 2.7.3, and 3.x up to and including 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle malicious users to bypass the TLS prot...
Ruby-lang Ruby
Oracle Jd Edwards Enterpriseone Tools
NA
CVE-2001-0187
Format string vulnerability in wu-ftp 2.6.1 and previous versions, when running with debug mode enabled, allows remote malicious users to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
Washington University Wu-ftpd 2.4.2 Beta18
Washington University Wu-ftpd 2.4.2 Beta18 Vr14
Washington University Wu-ftpd 2.4.2 Vr17
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Washington University Wu-ftpd 2.5
Washington University Wu-ftpd 2.4.1
Washington University Wu-ftpd 2.4.2 Vr16
Washington University Wu-ftpd 2.4.2 Beta18 Vr11
Washington University Wu-ftpd 2.4.2 Beta18 Vr6
Washington University Wu-ftpd 2.4.2 Beta18 Vr4
Washington University Wu-ftpd 2.6
Washington University Wu-ftpd 2.4.2 Beta18 Vr12
Washington University Wu-ftpd 2.4.2 Beta18 Vr5
Washington University Wu-ftpd 2.4.2 Beta18 Vr13
Washington University Wu-ftpd 2.4.2 Beta18 Vr10
Washington University Wu-ftpd 2.4.2 Beta9
Washington University Wu-ftpd 2.4.2 Beta18 Vr15
Washington University Wu-ftpd 2.4.2 Beta18 Vr7
Washington University Wu-ftpd 2.4.2 Beta18 Vr8
1 EDB exploit
7.5
CVSSv3
CVE-2022-0391
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n'...
Python Python 3.10.0
Python Python
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Hci Compute Node -
Netapp Management Services For Element Software -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
6.5
CVSSv3
CVE-2021-3733
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specia...
Python Python
Python Python 3.10.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux For Power Little Endian Eus 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Codeready Linux Builder For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Power Little Endian 8.0
Redhat Codeready Linux Builder 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Extra Packages For Enterprise Linux 7.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci Compute Node Firmware -
7.5
CVSSv3
CVE-2021-3737
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to syst...
Python Python
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Power Little Endian 8.0
Redhat Codeready Linux Builder 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 21.04
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Management Services For Element Software -
Netapp Netapp Xcp Smb -
Netapp Xcp Nfs -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
7.5
CVSSv3
CVE-2020-8231
Due to use of a dangling pointer, libcurl 7.29.0 up to and including 7.71.1 can use the wrong connection when sending data.
Haxx Libcurl
Siemens Sinec Infrastructure Network Services
Debian Debian Linux 10.0
Oracle Communications Cloud Native Core Policy 1.14.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.5
CVSSv3
CVE-2020-8286
curl 7.41.0 up to and including 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
Haxx Libcurl
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Bootstrap Os -
Netapp Hci Storage Node Firmware -
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos
Siemens Simatic Tim 1531 Irc Firmware
Siemens Sinec Infrastructure Network Services
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Oracle Communications Cloud Native Core Policy 1.14.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
2 Github repositories
7.5
CVSSv3
CVE-2020-8285
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
Haxx Libcurl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Bootstrap Os -
Netapp Hci Storage Node Firmware -
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Oracle Communications Cloud Native Core Policy 1.14.0
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
Fujitsu M10-4s Firmware
Fujitsu M12-1 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »