Globalscape
Products
3- 8 CVEs
- 3 CVEs
- 1 CVE
Recent CVEs
12| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-25366 | Hig | 0.55 | 8.4 | 0.00 | May 25, 2026 | CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a payload exceeding 520 bytes that overwrites the return address and executes… | ||
| CVE-2005-1415 | 0.08 | — | 0.60 | May 3, 2005 | Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command. | |||
| CVE-2003-1260 | 0.04 | — | 0.09 | Dec 31, 2003 | Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command. | |||
| CVE-2004-2366 | 0.03 | — | 0.04 | Dec 31, 2004 | Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument. | |||
| CVE-2024-1190 | 0.00 | — | 0.00 | Feb 2, 2024 | A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The… | |||
| CVE-2023-2990 | 0.00 | — | 0.01 | Jun 22, 2023 | Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service | |||
| CVE-2009-3483 | 0.00 | — | 0.05 | Sep 30, 2009 | Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing… | |||
| CVE-2008-2779 | 0.00 | — | 0.03 | Jun 19, 2008 | Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue… | |||
| CVE-2006-1693 | 0.00 | — | 0.02 | Apr 11, 2006 | Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a denial of service (application crash) via a "custom command" with a long argument. | |||
| CVE-2004-1136 | 0.00 | — | 0.01 | Jan 10, 2005 | Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands. | |||
| CVE-2003-1261 | 0.00 | — | 0.00 | Dec 31, 2003 | Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. | |||
| CVE-2000-0084 | 0.00 | — | 0.01 | Jan 6, 2000 | CuteFTP uses weak encryption to store password information in its tree.dat file. |
- risk 0.55cvss 8.4epss 0.00
CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a payload exceeding 520 bytes that overwrites the return address and executes…
- CVE-2005-1415May 3, 2005risk 0.08cvss —epss 0.60
Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.
- CVE-2003-1260Dec 31, 2003risk 0.04cvss —epss 0.09
Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.
- CVE-2004-2366Dec 31, 2004risk 0.03cvss —epss 0.04
Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument.
- CVE-2024-1190Feb 2, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The…
- CVE-2023-2990Jun 22, 2023risk 0.00cvss —epss 0.01
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service
- CVE-2009-3483Sep 30, 2009risk 0.00cvss —epss 0.05
Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing…
- CVE-2008-2779Jun 19, 2008risk 0.00cvss —epss 0.03
Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue…
- CVE-2006-1693Apr 11, 2006risk 0.00cvss —epss 0.02
Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a denial of service (application crash) via a "custom command" with a long argument.
- CVE-2004-1136Jan 10, 2005risk 0.00cvss —epss 0.01
Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands.
- CVE-2003-1261Dec 31, 2003risk 0.00cvss —epss 0.00
Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard.
- CVE-2000-0084Jan 6, 2000risk 0.00cvss —epss 0.01
CuteFTP uses weak encryption to store password information in its tree.dat file.