| Bug | Description |
|---|
| TEMP-0923926-B85BA9 | high memory usage with some long running sessions |
| TEMP-0000000-3815A2 | Avoid unbounded SFTP extended attribute key/values |
| CVE-2021-46854 | mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS ... |
| CVE-2020-9273 | In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interru ... |
| CVE-2019-19272 | An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Dir ... |
| CVE-2019-19271 | An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A w ... |
| CVE-2019-19270 | An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. F ... |
| CVE-2019-19269 | An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A ... |
| CVE-2019-18217 | ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauth ... |
| CVE-2019-12815 | An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3. ... |
| CVE-2017-7418 | ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the h ... |
| CVE-2016-3125 | The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 ... |
| CVE-2015-3306 | The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read a ... |
| CVE-2013-4359 | Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 ... |
| CVE-2012-6095 | ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows lo ... |
| CVE-2011-4130 | Use-after-free vulnerability in the Response API in ProFTPD before 1.3 ... |
| CVE-2011-1137 | Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d a ... |
| CVE-2010-4652 | Heap-based buffer overflow in the sql_prepare_where function (contrib/ ... |
| CVE-2010-4221 | Multiple stack-based buffer overflows in the pr_netio_telnet_gets func ... |
| CVE-2010-3867 | Multiple directory traversal vulnerabilities in the mod_site_misc modu ... |
| CVE-2009-3736 | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as us ... |
| CVE-2009-3639 | The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2 ... |
| CVE-2009-0543 | ProFTPD Server 1.3.1, with NLS support enabled, allows remote attacker ... |
| CVE-2009-0542 | SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 a ... |
| CVE-2008-7265 | The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote aut ... |
| CVE-2008-4242 | ProFTPD 1.3.1 interprets long commands from an FTP client as multiple ... |
| CVE-2007-2165 | The Auth API in ProFTPD before 20070417, when multiple simultaneous au ... |
| CVE-2006-6563 | Stack-based buffer overflow in the pr_ctrls_recv_request function in c ... |
| CVE-2006-6171 | ProFTPD 1.3.0a and earlier does not properly set the buffer size limit ... |
| CVE-2006-6170 | Buffer overflow in the tls_x509_name_oneline function in the mod_tls m ... |
| CVE-2006-5815 | Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 ... |
| CVE-2005-4816 | Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote ... |