Vulnerabilities > Coreftp > Core FTP > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-17 | CVE-2022-22899 | Out-of-bounds Write vulnerability in Coreftp Core FTP 2.0 Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service. | 5.5 |
| 2022-01-10 | CVE-2022-22836 | Path Traversal vulnerability in Coreftp Core FTP 1.2/2.0 CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request. | 4.0 |
| 2021-04-05 | CVE-2020-19595 | Classic Buffer Overflow vulnerability in Coreftp Core FTP 2.0 Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a crafted username. | 5.0 |
| 2019-03-22 | CVE-2019-9649 | Path Traversal vulnerability in Coreftp Core FTP 2.0 An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. | 5.0 |
| 2019-03-22 | CVE-2019-9648 | Path Traversal vulnerability in Coreftp Core FTP 2.0 An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. | 5.0 |
| 2019-01-02 | CVE-2018-20658 | Improper Input Validation vulnerability in Coreftp Core FTP 2.0 The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command. | 5.0 |
| 2018-03-20 | CVE-2014-1215 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Coreftp Core FTP 1.2 Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry. | 4.6 |
| 2014-06-25 | CVE-2014-4643 | Buffer Errors vulnerability in Coreftp Core FTP 2.2 Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6) CDUP command. | 5.0 |
| 2014-05-02 | CVE-2014-1443 | Buffer Errors vulnerability in Coreftp Core FTP 1.2 Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read. | 4.0 |
| 2014-05-02 | CVE-2014-1442 | Path Traversal vulnerability in Coreftp Core FTP 1.2 Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command. | 4.0 |