MiracleLinux 8 : libssh-0.9.6-10.el8 (AXSA:2023-6150:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6150:03 advisory. libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature...

CVE-2025-1667

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wpspUpdateTeacher function in all versions up to, and including, 2.2.16. This makes it possible for authenticated attackers, with teacher-level access a...

TencentOS Server 3: libssh (TSSA-2023:0193)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0193 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2025-1667 School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Privilege Escalation via Account Takeover

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wpspUpdateTeacher function in all versions up to, and including, 2.2.16. This makes it possible for authenticated attackers, with teacher-level access a...

CVE-2025-1667 School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Privilege Escalation via Account Takeover

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wpspUpdateTeacher function in all versions up to, and including, 2.2.16. This makes it possible for authenticated attackers, with teacher-level access a...

CVE-2025-1667

CVE-2025-1667 refers to the WordPress plugin School Management System – WPSchoolPress (versions

Linux Distros Unpatched Vulnerability : CVE-2012-1667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource recor...

K000148495: libssh vulnerability CVE-2023-1667

Security Advisory Description A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. CVE-2023-1667 Impact This vulnerability may allow an authenticated client to cause a denial-of-service...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.100173)

The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.100173 advisory. - A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in...

RHEL 3 : bind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bind: key algorithm rollover may mark secure answers as insecure CVE-2010-3614 - bind: handling of zero...

SUSE: Security Advisory (SUSE-SU-2024:1667-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1667)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1667 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the...

RHEL 4 : bind (RHSA-2012:1110)

"The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1110 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

Security Bulletin: Vulnerabilities in libssh library (CVE-2023-1667, CVE-2023-2283 ) affect Power HMC

Summary The libssh library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-1667 DESCRIPTION: libssh is vulnerable to a denial of service, caused by a NULL pointer dereference during rekeying with algorithm guessing. A...

SUSE SLES12 Security Update : libssh (SUSE-SU-2024:0539-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0539-1 advisory. - A flaw was found with the libssh API function sshscpnew in versions before 0.9.3 and before 0.8.8. When the libssh SCP client...

SUSE: Security Advisory (SUSE-SU-2024:0539-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : libssh (SUSE-SU-2024:0525-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0525-1 advisory. - A flaw was found with the libssh API function sshscpnew in versions before 0.9.3 and before 0.8.8. When the libssh SCP client...

SUSE: Security Advisory (SUSE-SU-2024:0525-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to libssh denial of service vulnerabilitiy [ CVE-2023-1667]

Summary Potential libssh denial of service vulnerabilitiy have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. CVE-2023-1667 Vulnerability Details CVEID:CVE-2023-1667 DESCRIPTION:...

RHEL 8 : libssh (RHSA-2024:0538)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0538 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...