Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
core ftp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1460
razorCMS prior to 0.4 uses weak permissions for (1) admin/core/admin_config.php, which allows local users to obtain the administrator's password hash and FTP user credentials; and (2) the root directory, (3) datastore/, and (4) admin/core/, which allows local users to have a...
Razorcms Razorcms 0.2
Razorcms Razorcms 0.3
Razorcms Razorcms
NA
CVE-1999-1293
mod_proxy in Apache 1.2.5 and previous versions allows remote malicious users to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
Apache Http Server
NA
CVE-2011-2242
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP.
Oracle Database Server 11.2.0.1
Oracle Database Server 11.2.0.2
NA
CVE-2013-0130
Multiple buffer overflows in Core FTP prior to 2.2 build 1769 allow remote FTP servers to execute arbitrary code or cause a denial of service (application crash) via a long directory name in a (1) DELE, (2) LIST, or (3) VIEW command.
Coreftp Coreftp
8.8
CVSSv3
CVE-2017-9444
BigTree CMS up to and including 4.2.18 has CSRF related to the core\admin\modules\users\profile\update.php script (modify user information), the index.php/admin/developer/packages/delete/ URI (remove packages), the index.php/admin/developer/upgrade/ignore/?versions= URI, and the ...
Bigtreecms Bigtree Cms
9.8
CVSSv3
CVE-2022-32207
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the t...
Haxx Curl
Fedoraproject Fedora 35
Debian Debian Linux 11.0
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
9.8
CVSSv3
CVE-2017-16566
On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote malicious users to read or replace core system files including those used for authentication (such as passwd and shadow). This can be abused to take full root level c...
Qacctv Jooan A5 Ip Camera Firmware 2.3.36
7.5
CVSSv3
CVE-2020-11993
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "in...
Apache Http Server
Netapp Clustered Data Ontap -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Zfs Storage Appliance Kit 8.8
9.8
CVSSv3
CVE-2020-11984
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
Apache Http Server
Netapp Clustered Data Ontap -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Zfs Storage Appliance Kit 8.8
7 Github repositories
3.7
CVSSv3
CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.
Haxx Curl
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Debian Debian Linux 10.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »