Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1411
The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and previous versions allows remote malicious users to cause a denial of service (crash) via an incomplete TFTP request, which triggers a NULL pointer dereference.
Acronis Snap Deploy 2.0.0.1076
1 EDB exploit
9.8
CVSSv3
CVE-2018-5777
An issue exists in Ipswitch WhatsUp Gold prior to 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP server that could allow malicious users to execute arbitrary commands on the TFTP server via unspecified vectors.
Ipswitch Whatsup Gold
NA
CVE-2002-1968
Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions prior to 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a mali...
Com21 Doxport 1100 2.1.1.106
9.8
CVSSv3
CVE-2018-18439
DENX U-Boot up to and including 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.
Denx U-boot 2018.09
Denx U-boot
NA
CVE-2004-0951
The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote malicious users to obtain sensitive information.
Hp Ignite-ux C.6.2.241
7.5
CVSSv3
CVE-2017-7183
The TFTP server in ExtraPuTTY 0.30 and previous versions allows remote malicious users to cause a denial of service (crash) via a large (1) read or (2) write TFTP protocol message.
Extraputty Extraputty
1 EDB exploit
NA
CVE-2008-1312
Unspecified vulnerability in the TFTP server in PacketTrap Networks pt360 Tool Suite 1.1.33.1.0, and other versions prior to 2.0.3900.0, allows remote malicious users to cause a denial of service (daemon crash) via a long TFTP packet, a different vulnerability than CVE-2008-1311.
Packettrap Pt360 Tool Suite
Packettrap Pt360 Tool Suite 1.1.33.1.0
NA
CVE-2000-0015
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
Ascend Cascadeview Ux 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Haxx Curl
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Netapp Cloud Backup -
Netapp Steelstore -
Netapp Solidfire Baseboard Management Controller Firmware -
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Oss Support Tools 20.0
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.1
Oracle Communications Operations Monitor 4.3
Oracle Communications Session Border Controller 8.3
Oracle Communications Session Border Controller 8.4
Oracle Mysql Server
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
3.7
CVSSv3
CVE-2019-5435
An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.
Haxx Curl
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »