Filezilla-project Filezilla_client
7 CVEs affecting Filezilla-project Filezilla_client. Latest disclosed: 2026-04-05. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-53959 | Critical | 9.8 | 2025-12-19 | FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the appl… |
CVE-2019-5429 | High | 7.8 | 2019-04-29 | Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory. |
CVE-2022-29620 | Medium | 6.5 | 2022-06-07 | FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a… |
CVE-2016-15003 | Medium | 6.3 | 2022-07-18 | A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files… |
CVE-2019-25683 | Medium | 6.2 | 2026-04-05 | FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying… |
CVE-2024-31497 | Medium | 5.9 | 2024-04-15 | In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approx… |
CVE-2023-48795 | Medium | 5.9 | 2023-12-18 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks… |