Every CVE whose affected-product data names G.rodola Pyftpdlib, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2008-7263 — CVSS 7.5 (high): ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for…
CVE-2007-6737 — CVSS 7.5 (high): FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempted_logins count for a USER command that specifies an invalid username…
CVE-2007-6736 — CVSS 6.5 (medium): Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary…
CVE-2007-6741 — CVSS 6.5 (medium): The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP…
CVE-2008-7262 — CVSS 6.5 (medium): Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary…
CVE-2007-6738 — CVSS 5.0 (medium): pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote…
CVE-2007-6739 — CVSS 5.0 (medium): FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command.
CVE-2009-5011 — CVSS 4.3 (medium): Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service…
CVE-2010-3494 — CVSS 4.3 (medium): Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service…
CVE-2009-5010 — CVSS 4.3 (medium): Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service…
CVE-2007-6740 — CVSS 4.0 (medium): The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which…
CVE-2008-7264 — CVSS 4.0 (medium): The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file…
CVE-2009-5012 — CVSS 4.0 (medium): ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to…
CVE-2009-5013 — CVSS 4.0 (medium): Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of…