Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tftp tftp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1620
Directory traversal vulnerability in 2X TFTP service (TFTPd.exe) 3.2.0.0 and previous versions in 2X ThinClientServer 5.0_sp1-r3497 and previous versions allows remote malicious users to read or overwrite arbitrary files via a ... (dot dot dot) in the filename.
2x Thinclientserver
1 EDB exploit
NA
CVE-2013-6704
Cisco IOS XE does not properly manage memory for TFTP UDP flows, which allows remote malicious users to cause a denial of service (memory consumption) via TFTP (1) client or (2) server traffic, aka Bug IDs CSCuh09324 and CSCty42686.
Cisco Ios Xe -
9.8
CVSSv3
CVE-2018-15379
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote malicious user to upload an arbitrary file. This file could allow the malicious user to execute commands at the privilege...
Cisco Prime Infrastructure 3.4\\(0.0\\)
Cisco Prime Infrastructure 3.5\\(0.0\\)
Cisco Prime Infrastructure 3.2\\(0.0\\)
Cisco Prime Infrastructure 3.2\\(2.0\\)
Cisco Prime Infrastructure 3.2
Cisco Prime Infrastructure 3.3
Cisco Prime Infrastructure 3.4
Cisco Prime Infrastructure 3.2\\(1.0\\)
Cisco Prime Infrastructure 3.3\\(0.0\\)
1 EDB exploit
7.5
CVSSv3
CVE-2020-24990
An issue exists in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.
Qsc Q-sys Core Manager 8.2.1
7.8
CVSSv3
CVE-2022-47505
The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.
Solarwinds Orion Platform
NA
CVE-2015-0743
Cisco Headend System Release allows remote malicious users to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097.
Cisco Headend Digital Broadband Delivery System -
Cisco Headend System Release 2.5
Cisco Headend System Release 2.7
Cisco Headend System Release 3.2
Cisco Headend System Release 3.5
Cisco Headend System Release I4.3
Cisco Headend System Release 3.7
8.6
CVSSv3
CVE-2019-1814
A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series (Sx300) Managed Switches could allow an unauthenticated, remote malicious user to cause the device to become low on system memory, which in turn could lead to an unexpected ...
Cisco Sf302-08pp Firmware
Cisco Sf302-08mpp Firmware
Cisco Sg300-10pp Firmware
Cisco Sg300-10mpp Firmware
Cisco Sf300-24pp Firmware
Cisco Sf300-48pp Firmware
Cisco Sg300-28pp Firmware
Cisco Sf300-08 Firmware
Cisco Sf300-48p Firmware
Cisco Sg300-10mp Firmware
Cisco Sg300-10p Firmware
Cisco Sg300-10 Firmware
Cisco Sg300-28p Firmware
Cisco Sf300-24p Firmware
Cisco Sf302-08mp Firmware
Cisco Sg300-28 Firmware
Cisco Sf300-48 Firmware
Cisco Sg300-20 Firmware
Cisco Sf302-08p Firmware
Cisco Sg300-52 Firmware
Cisco Sf300-24 Firmware
Cisco Sf302-08 Firmware
7.5
CVSSv3
CVE-2020-7211
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.
Libslirp Project Libslirp 4.1.0
Qemu Qemu 4.2.0
NA
CVE-2013-0145
Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in a read request.
Vercot Serva32 2.1.0
1 EDB exploit
7.8
CVSSv3
CVE-2019-5436
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 up to and including 7.64.1.
Haxx Libcurl
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 29
Debian Debian Linux 9.0
Debian Debian Linux 10.0
F5 Traffix Signaling Delivery Controller
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Mysql Server
Oracle Oss Support Tools 20.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »