Client
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-53959 | Cri | 0.64 | 9.8 | 0.01 | Dec 19, 2025 | FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve… | ||
| CVE-2016-20046 | Hig | 0.55 | 8.4 | 0.00 | Mar 28, 2026 | zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized NAME value exceeding the 80-byte buffer… | ||
| CVE-2025-6180 | Hig | 0.55 | — | 0.00 | Aug 20, 2025 | The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition. | ||
| CVE-2017-9982 | Hig | 0.49 | 7.5 | 0.03 | Jun 27, 2017 | TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character. | ||
| CVE-2026-3691 | Med | 0.27 | 5.3 | 0.00 | Apr 11, 2026 | OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an… | ||
| CVE-2021-47791 | 0.00 | — | 0.00 | Jan 15, 2026 | SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection… | |||
| CVE-2025-66835 | 0.00 | — | 0.00 | Dec 30, 2025 | TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context. | |||
| CVE-2024-32758 | 0.00 | — | 0.00 | Aug 1, 2024 | Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange | |||
| CVE-2008-1106 | 0.00 | — | 0.01 | Jun 9, 2008 | The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote… |
- risk 0.64cvss 9.8epss 0.01
FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve…
- risk 0.55cvss 8.4epss 0.00
zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized NAME value exceeding the 80-byte buffer…
- risk 0.55cvss —epss 0.00
The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition.
- risk 0.49cvss 7.5epss 0.03
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character.
- risk 0.27cvss 5.3epss 0.00
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an…
- CVE-2021-47791Jan 15, 2026risk 0.00cvss —epss 0.00
SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection…
- CVE-2025-66835Dec 30, 2025risk 0.00cvss —epss 0.00
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context.
- CVE-2024-32758Aug 1, 2024risk 0.00cvss —epss 0.00
Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange
- CVE-2008-1106Jun 9, 2008risk 0.00cvss —epss 0.01
The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote…