Akamai Technologies
Products
3- 9 CVEs
- 4 CVEs
- 2 CVEs
Recent CVEs
13| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-53959 | Cri | 0.64 | 9.8 | 0.01 | Dec 19, 2025 | FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve… | ||
| CVE-2016-20046 | Hig | 0.55 | 8.4 | 0.00 | Mar 28, 2026 | zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized NAME value exceeding the 80-byte buffer… | ||
| CVE-2025-6180 | Hig | 0.55 | — | 0.00 | Aug 20, 2025 | The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition. | ||
| CVE-2017-9982 | Hig | 0.49 | 7.5 | 0.03 | Jun 27, 2017 | TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character. | ||
| CVE-2026-3691 | Med | 0.27 | 5.3 | 0.00 | Apr 11, 2026 | OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an… | ||
| CVE-2007-6339 | 0.01 | — | 0.11 | May 1, 2008 | The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (DownloadManagerV2.ocx) before 2.2.3.5 allows remote attackers to force the download and execution of arbitrary code via unspecified "undocumented object parameters." | |||
| CVE-2007-1891 | 0.01 | — | 0.07 | Apr 18, 2007 | Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize… | |||
| CVE-2021-47791 | 0.00 | — | 0.00 | Jan 15, 2026 | SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection… | |||
| CVE-2025-66835 | 0.00 | — | 0.00 | Dec 30, 2025 | TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context. | |||
| CVE-2024-32758 | 0.00 | — | 0.00 | Aug 1, 2024 | Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange | |||
| CVE-2009-2582 | 0.00 | — | 0.03 | Jul 23, 2009 | Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2007-1891 and… | |||
| CVE-2008-1106 | 0.00 | — | 0.01 | Jun 9, 2008 | The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote… | |||
| CVE-2007-1892 | 0.00 | — | 0.06 | Apr 18, 2007 | Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891. |
- risk 0.64cvss 9.8epss 0.01
FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replace the missing DLL to achieve…
- risk 0.55cvss 8.4epss 0.00
zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized NAME value exceeding the 80-byte buffer…
- risk 0.55cvss —epss 0.00
The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition.
- risk 0.49cvss 7.5epss 0.03
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character.
- risk 0.27cvss 5.3epss 0.00
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose stored credentials on affected installations of OpenClaw. User interaction is required to exploit this vulnerability in that the target must initiate an…
- CVE-2007-6339May 1, 2008risk 0.01cvss —epss 0.11
The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (DownloadManagerV2.ocx) before 2.2.3.5 allows remote attackers to force the download and execution of arbitrary code via unspecified "undocumented object parameters."
- CVE-2007-1891Apr 18, 2007risk 0.01cvss —epss 0.07
Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpretation of the nSize…
- CVE-2021-47791Jan 15, 2026risk 0.00cvss —epss 0.00
SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection…
- CVE-2025-66835Dec 30, 2025risk 0.00cvss —epss 0.00
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context.
- CVE-2024-32758Aug 1, 2024risk 0.00cvss —epss 0.00
Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange
- CVE-2009-2582Jul 23, 2009risk 0.00cvss —epss 0.03
Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2007-1891 and…
- CVE-2008-1106Jun 9, 2008risk 0.00cvss —epss 0.01
The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote…
- CVE-2007-1892Apr 18, 2007risk 0.00cvss —epss 0.06
Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891.