This page aggregates publicly disclosed CVE and security risk information related to bftpd, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-2051 | Buffer overflow in the parsecmd function in bftpd before 1.8 has unknown impact and attack vectors related to the confstr variable. | [email protected] | 5.0 | 0.48% | 2007-04-16 | 2026-04-23 |
| CVE-2007-2010 | Double free vulnerability in bftpd before 1.8 allows remote authenticated users to cause a denial of service (daemon crash) via a (1) get or (2) mget command. | [email protected] | 6.8 | 1.37% | 2007-04-12 | 2026-04-23 |