FTP Server
by Bulletproof
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-25229 | Med | 0.36 | 5.5 | 0.00 | Mar 30, 2026 | BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field… | ||
| CVE-2005-1371 | 0.03 | — | 0.01 | May 3, 2005 | BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges. | |||
| CVE-2019-25588 | 0.00 | — | 0.00 | Mar 22, 2026 | BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a… | |||
| CVE-2019-25587 | 0.00 | — | 0.00 | Mar 22, 2026 | BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting… |
- risk 0.36cvss 5.5epss 0.00
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field…
- CVE-2005-1371May 3, 2005risk 0.03cvss —epss 0.01
BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges.
- CVE-2019-25588Mar 22, 2026risk 0.00cvss —epss 0.00
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a…
- CVE-2019-25587Mar 22, 2026risk 0.00cvss —epss 0.00
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting…