Search CVE reports



1 – 8 of 8 results


CVE-2024-31497

Medium priority
Needs evaluation

In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where...

2 affected packages

filezilla, putty

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| filezilla | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| putty | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2023-48795

Medium priority

Some fixes available 29 of 79

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation...

13 affected packages

dropbear, filezilla, golang-go.crypto, libssh, libssh2...

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dropbear | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| filezilla | Fixed | Fixed | Fixed | Not affected | Not affected |
| golang-go.crypto | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libssh | Not affected | Fixed | Fixed | Not affected | Not affected |
| libssh2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| lxd | Not in release | Not in release | Not affected | Fixed | Fixed |
| openssh | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssh-ssh1 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| paramiko | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
| proftpd-dfsg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| putty | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| python-asyncssh | Fixed | Fixed | Fixed | Ignored | Ignored |
| snapd | Not affected | Not affected | Not affected | Not affected | Not affected |

CVE-2016-15003

Medium priority
Not affected

A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The...

1 affected package

filezilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
filezilla Not affected Not affected Not affected Not affected

CVE-2022-29620

Negligible priority
Not affected

** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump. NOTE: the vendor does not consider this a vulnerability.

1 affected package

filezilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
filezilla Not affected Not affected Not affected

CVE-2019-5429

Low priority
Vulnerable

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.

1 affected package

filezilla

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| filezilla | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |

CVE-2013-4852

Medium priority

Some fixes available 14 of 26

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use...

2 affected packages

filezilla, putty

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
filezilla Not affected Not affected
putty Fixed Fixed

CVE-2007-2318

Unknown priority
Not affected

Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these...

1 affected package

filezilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
filezilla

CVE-2007-0317

Unknown priority
Fixed

Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some...

1 affected package

filezilla

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
filezilla