Filezilla-project Filezilla Client — known CVE vulnerabilities
Every CVE whose affected-product data names Filezilla-project Filezilla Client, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-53959 — CVSS 9.8 (critical): FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted…
CVE-2019-5429 — CVSS 7.8 (high): Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's…
CVE-2022-29620 — CVSS 6.5 (medium): FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does…
CVE-2016-15003 — CVSS 6.3 (medium): A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the…
CVE-2019-25683 — CVSS 6.2 (medium): FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the…
CVE-2023-48795 — CVSS 5.9 (medium): The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to…
CVE-2024-31497 — CVSS 5.9 (medium): In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a…