Vendor
Philippe Jounin
Products
2
CVEs
6
Across products
6
Status
Private
Products
2- 5 CVEs
- 1 CVE
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-0328 | 0.08 | — | 0.59 | Jan 21, 2006 | Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request. | ||
| CVE-2023-0887 | 0.00 | — | 0.00 | Feb 17, 2023 | A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The associated identifier of this vulnerability is VDB-221351. | ||
| CVE-2013-6809 | 0.00 | — | 0.01 | Dec 13, 2013 | Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field. | ||
| CVE-2005-4883 | 0.00 | — | 0.00 | Nov 20, 2009 | Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid "connect frames." | ||
| CVE-2005-4882 | 0.00 | — | 0.01 | Nov 20, 2009 | tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226. | ||
| CVE-2006-6141 | 0.00 | — | 0.04 | Nov 28, 2006 | Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window. |