Vulnerabilities > Coreftp > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-17 CVE-2022-22899 Out-of-bounds Write vulnerability in Coreftp Core FTP 2.0
Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service.
local
low complexity
coreftp CWE-787
5.5
2022-01-10 CVE-2022-22836 Path Traversal vulnerability in Coreftp Core FTP 1.2/2.0
CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.
network
low complexity
coreftp CWE-22
4.0
2021-04-05 CVE-2020-19595 Classic Buffer Overflow vulnerability in Coreftp Core FTP 2.0
Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a crafted username.
network
low complexity
coreftp CWE-120
5.0
2019-03-22 CVE-2019-9649 Path Traversal vulnerability in Coreftp Core FTP 2.0
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674.
network
low complexity
coreftp CWE-22
5.0
2019-03-22 CVE-2019-9648 Path Traversal vulnerability in Coreftp Core FTP 2.0
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674.
network
low complexity
coreftp CWE-22
5.0
2019-01-02 CVE-2018-20658 Improper Input Validation vulnerability in Coreftp Core FTP 2.0
The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.
network
low complexity
coreftp CWE-20
5.0
2018-03-20 CVE-2014-1215 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Coreftp Core FTP 1.2
Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry.
local
low complexity
coreftp CWE-119
4.6
2014-06-25 CVE-2014-4643 Buffer Errors vulnerability in Coreftp Core FTP 2.2
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6) CDUP command.
network
low complexity
coreftp CWE-119
5.0
2014-05-02 CVE-2014-1443 Buffer Errors vulnerability in Coreftp Core FTP 1.2
Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read.
network
low complexity
coreftp CWE-119
4.0
2014-05-02 CVE-2014-1442 Path Traversal vulnerability in Coreftp Core FTP 1.2
Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command.
network
low complexity
coreftp CWE-22
4.0