Vulnerabilities > Pureftpd

DATE CVE VULNERABILITY TITLE RISK
2021-09-05 CVE-2021-40524 Unrestricted Upload of File with Dangerous Type vulnerability in Pureftpd Pure-Ftpd
In Pure-FTPd before 1.0.50, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang.
network
low complexity
pureftpd CWE-434
7.5
2020-12-26 CVE-2020-35359 Allocation of Resources Without Limits or Throttling vulnerability in Pureftpd Pure-Ftpd 1.0.48
Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection limit.
network
low complexity
pureftpd CWE-770
7.5
2020-02-26 CVE-2020-9274 Access of Uninitialized Pointer vulnerability in multiple products
An issue was discovered in Pure-FTPd 1.0.49.
network
low complexity
pureftpd debian fedoraproject canonical CWE-824
7.5
2020-02-24 CVE-2020-9365 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Pure-FTPd 1.0.49.
network
low complexity
pureftpd fedoraproject CWE-125
7.5
2019-12-31 CVE-2019-20176 Resource Exhaustion vulnerability in multiple products
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.
network
low complexity
pureftpd fedoraproject CWE-400
7.5
2017-09-21 CVE-2017-12170 Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration.
network
low complexity
pureftpd fedoraproject
critical
9.8