CVE-2025-11947 | bftpd up to 6.2 Configuration File options.c expand_groups heap-based overflow

Inserito da Angelo Barbosa | Ott 19, 2025 | CVE

A vulnerability described as problematic has been identified in bftpd up to 6.2. Impacted is the function expand_groups of the file options.c of the component Configuration File Handler. Executing manipulation can lead to heap-based buffer overflow.

This vulnerability is handled as CVE-2025-11947. It is possible to launch the attack on the local host. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-11947 | bftpd up to 6.2 Configuration File options.c expand_groups heap-based overflow

Post correlati

CVE-2024-5261 | LibreOffice up to 24.2.3 LibreOfficeKit Mode certificate validation

CVE-2025-7029 | GIGABYTE UEFI-OverClockSmiHandler 1.0.0 Software SMI SwSmiInputValue untrusted pointer dereference

CVE-2025-21720 | Linux Kernel up to 6.6.75/6.12.12/6.13.1 Netlink Socket ip_forward null pointer dereference

CVE-2024-1924 | CodeAstro Membership Management System 1.0 get_membership_amount.php membershipTypeId sql injection