Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-54309 KEV |
|
[KEV] Vulnerability in crushftp (CVE-2025-54309)
vulnerability in crushftp (CVE-2025-54309). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-31161 KEV |
|
[KEV] Vulnerability in crushftp (CVE-2025-31161)
vulnerability in crushftp (CVE-2025-31161). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Listed in CISA KEV — actively exploited.
|
| CVE-2024-4040 KEV |
|
[KEV] Vulnerability in crushftp (CVE-2024-4040)
vulnerability in crushftp (CVE-2024-4040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-48795 |
|
Vulnerability in russh (CVE-2023-48795)
vulnerability in russh (CVE-2023-48795). Data can be tampered with by attackers. Mitigation: upgrade to `0.40.2` or later.
|
| CVE-2017-14035 |
|
CrushFTP 8.x before 8.2.0 has a serialization vulnerability.
CrushFTP 8.x before 8.2.0 has a serialization vulnerability.
|
| CVE-2017-14036 |
|
CrushFTP before 7.8.0 and 8.x before 8.2.0 has XSS.
CrushFTP before 7.8.0 and 8.x before 8.2.0 has XSS.
|
| CVE-2017-14037 |
|
CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability.
CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability.
|
| CVE-2017-14038 |
|
CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability.
CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability.
|