Every CVE whose affected-product data names Coreftp Core Ftp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2018-12113 — CVSS 9.8 (critical): Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution via a PASV…
CVE-2013-3930 — CVSS 9.3 (critical): Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory…
CVE-2009-3484 — CVSS 9.3 (critical): Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname…
CVE-2014-1215 — CVSS 7.8 (high): Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data…
CVE-2019-25654 — CVSS 7.5 (high): Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively…
CVE-2018-20658 — CVSS 7.5 (high): The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted…
CVE-2019-25686 — CVSS 7.5 (high): Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attackers to crash the…
CVE-2022-22836 — CVSS 6.5 (medium): CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.
CVE-2020-21588 — CVSS 5.5 (medium): Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the…
CVE-2022-22899 — CVSS 5.5 (medium): Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted…
CVE-2019-9649 — CVSS 5.3 (medium): An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a…
CVE-2019-9648 — CVSS 5.3 (medium): An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE…
CVE-2014-4643 — CVSS 5.0 (medium): Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service…
CVE-2014-1441 — CVSS 4.3 (medium): Core FTP Server 1.2 before build 515 allows remote attackers to cause a denial of service (reachable assertion and crash) via an AUTH SSL…
CVE-2014-1442 — CVSS 4.0 (medium): Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of…
CVE-2014-1443 — CVSS 4.0 (medium): Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via…