Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure file transfer vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2017-5246
Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces ({{ }}). This expression will be evaluated by any other authentic...
Biscom Secure File Transfer -
383
VMScore
CVE-2020-27646
Biscom Secure File Transfer (SFT) prior to 5.1.1082 and 6.x prior to 6.0.1011 allows user credential theft.
Biscom Secure File Transfer
801
VMScore
CVE-2009-4646
Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string.
Accellion Secure File Transfer Appliance
435
VMScore
CVE-2008-3850
Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html.
Accellion Secure File Transfer Appliance 7 0 135
1 EDB exploit
445
VMScore
CVE-2021-33037
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ign...
Apache Tomcat
Apache Tomee 8.0.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Sd-wan Edge 9.0
Oracle Managed File Transfer 12.2.1.4.0
Oracle Secure Global Desktop 5.6
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Session Route Manager
Oracle Mysql Enterprise Monitor
Oracle Communications Session Report Manager
Oracle Sd-wan Edge 9.1
Oracle Utilities Testing Accelerator 6.0.0.2.2
Oracle Utilities Testing Accelerator 6.0.0.3.1
Oracle Utilities Testing Accelerator 6.0.0.1.1
446
VMScore
CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lea...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Workload Manager 18c
Oracle Workload Manager 19c
3 Github repositories
668
VMScore
CVE-2003-0962
Heap-based buffer overflow in rsync prior to 2.5.7, when running in server mode, allows remote malicious users to execute arbitrary code and possibly escape the chroot jail.
Andrew Tridgell Rsync 2.4.4
Andrew Tridgell Rsync 2.4.5
Andrew Tridgell Rsync 2.5.5
Andrew Tridgell Rsync 2.5.6
Engardelinux Secure Community 1.0.1
Engardelinux Secure Community 2.0
Andrew Tridgell Rsync 2.4.1
Andrew Tridgell Rsync 2.4.3
Andrew Tridgell Rsync 2.5.2
Andrew Tridgell Rsync 2.5.3
Andrew Tridgell Rsync 2.5.4
Redhat Rsync 2.5.5-1
Redhat Rsync 2.5.5-4
Andrew Tridgell Rsync 2.3.1
Andrew Tridgell Rsync 2.4.6
Andrew Tridgell Rsync 2.4.8
Redhat Rsync 2.4.6-2
Redhat Rsync 2.4.6-5
Engardelinux Secure Linux 1.1
Engardelinux Secure Linux 1.2
Andrew Tridgell Rsync 2.3.2
Andrew Tridgell Rsync 2.4.0
356
VMScore
CVE-2019-12693
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variab...
Cisco Adaptive Security Appliance
Cisco Adaptive Security Appliance Software
756
VMScore
CVE-2021-34718
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote malicious user to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user ...
Cisco Ios Xr
445
VMScore
CVE-2009-0432
The installation process for the File Transfer servlet in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.1.x prior to 6.1.0.19 does not enable the secure version, which allows remote malicious users to obtain sensitive information via unspe...
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »