Search CVE reports
1 – 8 of 8 results
CVE-2024-31497
Medium priorityIn PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where...
2 affected packages
filezilla, putty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
filezilla | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
putty | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-48795
Medium prioritySome fixes available 29 of 79
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation...
13 affected packages
dropbear, filezilla, golang-go.crypto, libssh, libssh2...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dropbear | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
filezilla | Fixed | Fixed | Fixed | Not affected | Not affected |
golang-go.crypto | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libssh | Not affected | Fixed | Fixed | Not affected | Not affected |
libssh2 | Not affected | Not affected | Not affected | Not affected | Not affected |
lxd | Not in release | Not in release | Not affected | Fixed | Fixed |
openssh | Fixed | Fixed | Fixed | Fixed | Fixed |
openssh-ssh1 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
paramiko | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
proftpd-dfsg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
putty | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
python-asyncssh | Fixed | Fixed | Fixed | Ignored | Ignored |
snapd | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2016-15003
Medium priorityA vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The...
1 affected package
filezilla
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
filezilla | — | Not affected | Not affected | Not affected | Not affected |
CVE-2022-29620
Negligible priority** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability.
1 affected package
filezilla
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
filezilla | — | Not affected | Not affected | Not affected | — |
CVE-2019-5429
Low priorityUntrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
1 affected package
filezilla
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
filezilla | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
CVE-2013-4852
Medium prioritySome fixes available 14 of 26
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use...
2 affected packages
filezilla, putty
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
filezilla | — | — | — | Not affected | Not affected |
putty | — | — | — | Fixed | Fixed |
CVE-2007-2318
Unknown priorityMultiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these...
1 affected package
filezilla
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
filezilla | — | — | — | — | — |
CVE-2007-0317
Unknown priorityFormat string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some...
1 affected package
filezilla
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
filezilla | — | — | — | — | — |