VYPR
Vendor

Troglobit

Products
6
CVEs
11
Across products
11
Status
Private

Products

6

Recent CVEs

11
  • CVE-2020-37182HigFeb 11, 2026
    risk 0.49cvss 7.5epss 0.00

    Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect() function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf() buffer without proper length checking to overwrite memory and cause a segmentation…

  • CVE-2025-29906HigApr 29, 2025
    risk 0.49cvss 8.6epss 0.00

    Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the `tty` configuration directive that can bypass `/bin/login`, i.e., a user can log in as any user without authentication. This issue has been…

  • CVE-2025-32022MedMay 6, 2025
    risk 0.23cvss 4.6epss 0.00

    Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so…

  • CVE-2020-20277Dec 18, 2020
    risk 0.05cvss epss 0.25

    There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's compose_abspath function that can be abused to read or write to arbitrary files…

  • CVE-2022-48620Jan 12, 2024
    risk 0.00cvss epss 0.01

    uev (aka libuev) before 2.4.1 has a buffer overflow in epoll_wait if maxevents is a large number.

  • CVE-2020-20276Dec 18, 2020
    risk 0.00cvss epss 0.03

    An unauthenticated stack-based buffer overflow vulnerability in common.c's handle_PORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution.

  • CVE-2020-14149Jun 15, 2020
    risk 0.00cvss epss 0.02

    In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command.

  • CVE-2020-5221Jan 22, 2020
    risk 0.00cvss epss 0.01

    In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in compose_abspath(). This has…

  • CVE-2020-5204Jan 6, 2020
    risk 0.00cvss epss 0.01

    In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4…

  • CVE-2019-14323Jul 28, 2019
    risk 0.00cvss epss 0.02

    SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. This results in a crash of the server, but only when strict stack checking is enabled. This is caused by an off-by-one error in ssdp_recv in ssdpd.c.

  • CVE-2011-0007Jan 11, 2011
    risk 0.00cvss epss 0.00

    pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a USR1 signal is sent, or (2) pimd.cache when USR2 is sent.