Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2012-2763

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-12 Jul, 2012 | 19:00
Updated At-06 Aug, 2024 | 19:42
Rejected At-
Credits

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:12 Jul, 2012 | 19:00
Updated At:06 Aug, 2024 | 19:42
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://security.gentoo.org/glsa/glsa-201209-23.xml
vendor-advisory
x_refsource_GENTOO
http://git.gnome.org/browse/gimp/commit/?h=gimp-2-6&id=744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2012/07/01/1
mailing-list
x_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/50737
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.gnome.org/show_bug.cgi?id=679215
x_refsource_CONFIRM
http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/05/31/1
mailing-list
x_refsource_MLIST
Hyperlink: http://security.gentoo.org/glsa/glsa-201209-23.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://git.gnome.org/browse/gimp/commit/?h=gimp-2-6&id=744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2012/07/01/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/50737
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://bugzilla.gnome.org/show_bug.cgi?id=679215
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Resource:
x_refsource_MISC
Hyperlink: http://www.openwall.com/lists/oss-security/2012/05/31/1
Resource:
mailing-list
x_refsource_MLIST
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://security.gentoo.org/glsa/glsa-201209-23.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://git.gnome.org/browse/gimp/commit/?h=gimp-2-6&id=744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2012/07/01/1
mailing-list
x_refsource_MLIST
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/50737
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://bugzilla.gnome.org/show_bug.cgi?id=679215
x_refsource_CONFIRM
x_transferred
http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
x_refsource_MISC
x_transferred
http://www.openwall.com/lists/oss-security/2012/05/31/1
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201209-23.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://git.gnome.org/browse/gimp/commit/?h=gimp-2-6&id=744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2012/07/01/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/50737
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://bugzilla.gnome.org/show_bug.cgi?id=679215
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2012/05/31/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:12 Jul, 2012 | 19:55
Updated At:11 Apr, 2025 | 00:51

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
GIMP
gimp
>>gimp>>Versions up to 2.6.13(inclusive)
cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.gnome.org/browse/gimp/commit/?h=gimp-2-6&id=744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2cve@mitre.org
Exploit
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.htmlcve@mitre.org
Third Party Advisory
http://secunia.com/advisories/50737cve@mitre.org
Broken Link
http://security.gentoo.org/glsa/glsa-201209-23.xmlcve@mitre.org
Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/05/31/1cve@mitre.org
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/07/01/1cve@mitre.org
Mailing List
Third Party Advisory
http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.htmlcve@mitre.org
Third Party Advisory
https://bugzilla.gnome.org/show_bug.cgi?id=679215cve@mitre.org
Issue Tracking
Third Party Advisory
http://git.gnome.org/browse/gimp/commit/?h=gimp-2-6&id=744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/50737af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://security.gentoo.org/glsa/glsa-201209-23.xmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/05/31/1af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/07/01/1af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.gnome.org/show_bug.cgi?id=679215af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Third Party Advisory
Hyperlink: http://git.gnome.org/browse/gimp/commit/?h=gimp-2-6&id=744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/50737
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://security.gentoo.org/glsa/glsa-201209-23.xml
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2012/05/31/1
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2012/07/01/1
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://bugzilla.gnome.org/show_bug.cgi?id=679215
Source: cve@mitre.org
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: http://git.gnome.org/browse/gimp/commit/?h=gimp-2-6&id=744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/50737
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://security.gentoo.org/glsa/glsa-201209-23.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2012/05/31/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2012/07/01/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://bugzilla.gnome.org/show_bug.cgi?id=679215
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

370Records found
CVE-2021-21828
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.1||HIGH
EPSS-0.46% / 63.16%
||
7 Day CHG~0.00%
Published-20 Aug, 2021 | 21:03
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-attn/a
Product-xmillAT&T
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-5547
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 00:00
Updated-04 Jun, 2025 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server CDUP Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. This issue affects some unknown processing of the component CDUP Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5548
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-2.10% / 83.38%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 00:31
Updated-04 Jun, 2025 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server NOOP Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component NOOP Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5667
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-05 Jun, 2025 | 16:00
Updated-13 Jun, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server REIN Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component REIN Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5664
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-05 Jun, 2025 | 14:31
Updated-05 Jun, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server RESTART Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5666
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-05 Jun, 2025 | 15:31
Updated-05 Jun, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server XMKD Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component XMKD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5634
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-05 Jun, 2025 | 04:00
Updated-05 Jun, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server NOOP Command buffer overflow

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component NOOP Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-20701
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 79.30%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 23:30
Updated-03 Aug, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network.

Action-Not Available
Vendor-NEC Corporation
Product-clusterpro_xclusterpro_x_singleserversafeexpresscluster_xexpresscluster_x_singleserversafeCLUSTERPRO X
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5637
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-05 Jun, 2025 | 04:31
Updated-05 Jun, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server SYSTEM Command buffer overflow

A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component SYSTEM Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-PCMan
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-20703
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 79.30%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 23:30
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network.

Action-Not Available
Vendor-NEC Corporation
Product-clusterpro_xclusterpro_x_singleserversafeexpresscluster_xexpresscluster_x_singleserversafeCLUSTERPRO X
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-20236
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 58.43%
||
7 Day CHG~0.00%
Published-28 May, 2021 | 10:42
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Action-Not Available
Vendor-zeromqn/aRed Hat, Inc.Fedora Project
Product-ceph_storagezeromqenterprise_linuxfedorazeromq
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-5593
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 15:31
Updated-13 Jun, 2025 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server HOST Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-20704
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 79.30%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 23:30
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the compatible API with previous versions CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network.

Action-Not Available
Vendor-NEC Corporation
Product-clusterpro_xclusterpro_x_singleserversafeexpresscluster_xexpresscluster_x_singleserversafeCLUSTERPRO X
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5549
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 01:00
Updated-04 Jun, 2025 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server PASV Command buffer overflow

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component PASV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2008-3142
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.82% / 82.14%
||
7 Day CHG~0.00%
Published-01 Aug, 2008 | 14:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Python Software Foundation
Product-ubuntu_linuxdebian_linuxpythonn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5357
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-30 May, 2025 | 17:31
Updated-16 Jun, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server PWD Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component PWD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-20700
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 79.30%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 23:29
Updated-03 Aug, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network.

Action-Not Available
Vendor-NEC Corporation
Product-clusterpro_xclusterpro_x_singleserversafeexpresscluster_xexpresscluster_x_singleserversafeCLUSTERPRO X
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5356
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-30 May, 2025 | 16:31
Updated-02 Jun, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server BYE Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component BYE Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-20702
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 79.30%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 23:30
Updated-03 Aug, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network.

Action-Not Available
Vendor-NEC Corporation
Product-clusterpro_xclusterpro_x_singleserversafeexpresscluster_xexpresscluster_x_singleserversafeCLUSTERPRO X
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5330
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.06% / 20.22%
||
7 Day CHG~0.00%
Published-29 May, 2025 | 21:31
Updated-23 Jun, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server RETR Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component RETR Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5331
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-29 May, 2025 | 22:00
Updated-23 Jun, 2025 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server NLST Command buffer overflow

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. This vulnerability affects unknown code of the component NLST Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcman_ftp_server_projectPCMan
Product-pcman_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5295
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-28 May, 2025 | 11:00
Updated-28 May, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server PORT Command buffer overflow

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0.0. This vulnerability affects unknown code of the component PORT Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5110
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-23 May, 2025 | 13:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server VERBOSE Command buffer overflow

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component VERBOSE Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5073
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 11:00
Updated-05 Jun, 2025 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server MKDIR Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. This issue affects some unknown processing of the component MKDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5221
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 02:00
Updated-28 May, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server QUOTE Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0.0. It has been classified as critical. This affects an unknown part of the component QUOTE Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5052
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 21:00
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server LS Command buffer overflow

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component LS Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5220
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 01:31
Updated-09 Jun, 2025 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server GET Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the component GET Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5051
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 20:00
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server BINARY Command buffer overflow

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component BINARY Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5075
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 12:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server DEBUG Command buffer overflow

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component DEBUG Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5109
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-23 May, 2025 | 13:00
Updated-20 Jun, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server STATUS Command buffer overflow

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5074
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 12:00
Updated-05 Jun, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server PROMPT Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component PROMPT Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5112
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-23 May, 2025 | 14:00
Updated-23 May, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server MGET Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MGET Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5217
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 00:31
Updated-05 Jun, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server RMDIR Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.0. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-12988
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.22% / 44.44%
||
7 Day CHG~0.00%
Published-27 Dec, 2024 | 17:00
Updated-28 May, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear R6900P/R7000P HTTP Header sub_16C4C buffer overflow

A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-r7000p_firmwarer6900p_firmwarer7000pr6900pR6900PR7000P
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-5053
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 21:00
Updated-10 Jun, 2025 | 19:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server MDIR Command buffer overflow

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component MDIR Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5049
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 18:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server APPEND Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. This vulnerability affects unknown code of the component APPEND Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5076
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 13:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server SEND Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this issue is some unknown functionality of the component SEND Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-21153
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.56% / 67.15%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 17:10
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.62, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv2 before 1.0.0.56, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wn2000rpt_firmwarewn3000rpex6400_firmwareex7300_firmwarer8900_firmwared7800r6100_firmwareex6200dm200_firmwarewn3100rp_firmwareex8000wndr4300_firmwarer7500_firmwarewn3100rpwndr4500r6100ex7300ex6100wn3000rp_firmwared7800_firmwaredm200ex8000_firmwarer8900r9000_firmwarewndr4500_firmwarewnr2000_firmwareex2700ex6200_firmwareex6150r7500r9000wn2000rptr7800ex2700_firmwareex6100_firmwarewndr4300r7800_firmwareex6400wnr2000ex6150_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5218
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 01:00
Updated-05 Jun, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server LITERAL Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0.0. Affected is an unknown function of the component LITERAL Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5050
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 18:31
Updated-23 Jun, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server BELL Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been rated as critical. This issue affects some unknown processing of the component BELL Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-freefloat_ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5219
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 01:00
Updated-09 Jun, 2025 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server ASCII Command buffer overflow

A vulnerability has been found in FreeFloat FTP Server 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component ASCII Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4872
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 11:00
Updated-12 Jun, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server CCC Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component CCC Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4848
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 02:00
Updated-04 Jun, 2025 | 20:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server RECV Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RECV Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4871
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 10:31
Updated-12 Jun, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PCMan FTP Server REST Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component REST Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pcmanPCMan
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4846
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.06% / 18.38%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 01:00
Updated-19 May, 2025 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server MPUT Command buffer overflow

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MPUT Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-FreeFloat
Product-FTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4844
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 00:00
Updated-04 Jun, 2025 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server CD Command buffer overflow

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-9866
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.21% / 78.19%
||
7 Day CHG~0.00%
Published-27 Oct, 2020 | 20:42
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-9760
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.05% / 76.70%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 15:39
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick.

Action-Not Available
Vendor-weechatn/aDebian GNU/Linux
Product-debian_linuxweechatn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4847
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.07% / 20.83%
||
7 Day CHG~0.00%
Published-18 May, 2025 | 01:31
Updated-04 Jun, 2025 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeFloat FTP Server MLS Command buffer overflow

A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component MLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-freefloatFreeFloat
Product-ftp_serverFTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8955
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.21% / 94.12%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 21:58
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).

Action-Not Available
Vendor-weechatn/aDebian GNU/LinuxopenSUSEFedora Project
Product-debian_linuxfedoraweechatbackports_sleleapn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 7
  • 8
  • Next
Details not found