Aggregates CVE and security vulnerability intelligence across all philippe_jounin-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk denial of service and related problems; some flaws may lead to vendor impact application crash and vendor impact memory corruption.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2013-6809 | Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field. | [email protected] | 5.0 | 0.57% | 2013-12-13 | 2026-04-29 |
| CVE-2005-4883 | Race condition in Philippe Jounin Tftpd32 before 2.80 allows remote attackers to cause a denial of service (daemon crash) via invalid "connect frames." | [email protected] | 4.3 | 0.34% | 2009-11-20 | 2026-04-23 |
| CVE-2005-4882 | tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226. | [email protected] | 5.0 | 1.21% | 2009-11-20 | 2026-04-23 |
| CVE-2006-6141 | Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window. | [email protected] | 5.0 | 3.95% | 2006-11-28 | 2026-04-23 |
| CVE-2006-0328 | Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request. | [email protected] | 5.0 | 58.90% | 2006-01-21 | 2026-04-16 |