Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp tftp vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-21394
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is before 6.1.32. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox execu...
Oracle Vm Virtualbox
NA
CVE-2008-6195
Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.exe) in LANDesk Management Suite (LDMS) 8.80.1.1 and previous versions allows remote malicious users to read arbitrary files via a subdirectory name followed by ".." sequences, a different vulnerability...
Landesk Landesk Management Suite 8.7
Landesk Landesk Management Suite
1 EDB exploit
9.8
CVSSv3
CVE-2018-15379
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote malicious user to upload an arbitrary file. This file could allow the malicious user to execute commands at the privilege...
Cisco Prime Infrastructure 3.4\\(0.0\\)
Cisco Prime Infrastructure 3.5\\(0.0\\)
Cisco Prime Infrastructure 3.2\\(0.0\\)
Cisco Prime Infrastructure 3.2\\(2.0\\)
Cisco Prime Infrastructure 3.2
Cisco Prime Infrastructure 3.3
Cisco Prime Infrastructure 3.4
Cisco Prime Infrastructure 3.2\\(1.0\\)
Cisco Prime Infrastructure 3.3\\(0.0\\)
1 EDB exploit
7.5
CVSSv3
CVE-2020-24990
An issue exists in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.
Qsc Q-sys Core Manager 8.2.1
7.8
CVSSv3
CVE-2022-47505
The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.
Solarwinds Orion Platform
NA
CVE-2015-0743
Cisco Headend System Release allows remote malicious users to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097.
Cisco Headend Digital Broadband Delivery System -
Cisco Headend System Release 2.5
Cisco Headend System Release 2.7
Cisco Headend System Release 3.2
Cisco Headend System Release 3.5
Cisco Headend System Release I4.3
Cisco Headend System Release 3.7
8.6
CVSSv3
CVE-2019-1814
A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote malicious user to cause the device to become low on system memory, which in turn could lead to an unexpected ...
Cisco Sf302-08pp Firmware
Cisco Sf302-08mpp Firmware
Cisco Sg300-10pp Firmware
Cisco Sg300-10mpp Firmware
Cisco Sf300-24pp Firmware
Cisco Sf300-48pp Firmware
Cisco Sg300-28pp Firmware
Cisco Sf300-08 Firmware
Cisco Sf300-48p Firmware
Cisco Sg300-10mp Firmware
Cisco Sg300-10p Firmware
Cisco Sg300-10 Firmware
Cisco Sg300-28p Firmware
Cisco Sf300-24p Firmware
Cisco Sf302-08mp Firmware
Cisco Sg300-28 Firmware
Cisco Sf300-48 Firmware
Cisco Sg300-20 Firmware
Cisco Sf302-08p Firmware
Cisco Sg300-52 Firmware
Cisco Sf300-24 Firmware
Cisco Sf302-08 Firmware
NA
CVE-2013-0145
Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in a read request.
Vercot Serva32 2.1.0
1 EDB exploit
NA
CVE-2011-3271
Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 and 15.1 allows remote malicious users to execute arbitrary code or cause a denial of service (device crash) via crafted TCP packets to port 4786, aka Bug ID CSCto10165.
Cisco Ios 12.2
Cisco Ios 15.1
NA
CVE-2009-2957
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq prior to 2.50, when --enable-tftp is used, might allow remote malicious users to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
Thekelleys Dnsmasq 2.48
Thekelleys Dnsmasq 2.47
Thekelleys Dnsmasq 2.35
Thekelleys Dnsmasq 2.22
Thekelleys Dnsmasq 2.34
Thekelleys Dnsmasq 2.33
Thekelleys Dnsmasq 2.31
Thekelleys Dnsmasq 2.23
Thekelleys Dnsmasq 2.21
Thekelleys Dnsmasq 2.14
Thekelleys Dnsmasq 2.13
Thekelleys Dnsmasq 2.5
Thekelleys Dnsmasq 2.4
Thekelleys Dnsmasq 1.16
Thekelleys Dnsmasq 1.15
Thekelleys Dnsmasq 1.8
Thekelleys Dnsmasq 1.7
Thekelleys Dnsmasq 0.992
Thekelleys Dnsmasq 0.98
Thekelleys Dnsmasq
Thekelleys Dnsmasq 2.44
Thekelleys Dnsmasq 2.43
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »