Psftpd
Monthly
The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.
A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 19.3%.
The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.0%.
The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.
A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 19.3%.
The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.0%.
The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.