| CVE-2006-0328 | | 0.08 | — | 0.59 | | Jan 21, 2006 | Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request. |
| CVE-2013-6809 | | 0.00 | — | 0.01 | | Dec 13, 2013 | Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field. |
| CVE-2005-4883 | | 0.00 | — | 0.00 | | Nov 20, 2009 | Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid "connect frames." |
| CVE-2005-4882 | | 0.00 | — | 0.01 | | Nov 20, 2009 | tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226. |
| CVE-2006-6141 | | 0.00 | — | 0.04 | | Nov 28, 2006 | Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window. |
