47 matches found
Advisory ROSA-SA-2025-3074
Software: openssh 8.0p1 OS: ROSA Virtualization 2.1 unaffected versions = openssh-8.0p1-26.0.1.1.rv3 affected versions openssh-8.0p1-26.0.1.1.rv3 CVE-ID: CVE-2020-15778 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the toremote scp.c function of the OpenSSH cryptographic security tool exis...
EUVD-2023-42154
Malicious code in bioql PyPI...
Security Bulletin: IBM Storage Ceph is vulnerable to Command Injection in the RHEL UBI (CVE-2020-15778)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2020-15778 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2020-15778 DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary...
TencentOS Server 3: openssh (TSSA-2024:0211)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0211 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
openssh security update
An update is available for openssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...
RLSA-2024:3166 Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: scp allows command injection when using backtick characters in the destination...
RockyLinux 8 : openssh (RLSA-2024:3166)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3166 advisory. openssh: scp allows command injection when using backtick characters in the destination argument CVE-2020-15778 Tenable has extracted the preceding description...
Security Bulletin: Vulnerability in openssh (CVE-2020-15778) affects Power HMC.
Summary The openssh library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2020-15778 DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation in the...
Oracle Linux 8 : openssh (ELSA-2024-3166)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3166 advisory. - Providing a kill switch for scp to deal with CVE-2020-15778 Resolves: RHEL-22870 Tenable has extracted the preceding description block directly from the Oracl...
openssh security update
8.0p1-24.0.1 - Update upstream references Orabug: 36587718 8.0p1-24 - Providing a kill switch for scp to deal with CVE-2020-15778 Resolves: RHEL-22870 8.0p1-23 - Fix Terrapin attack Resolves: RHEL-19308 8.0p1-22 - Fix Terrapin attack Resolves: RHEL-19308 - Forbid shell metasymbols in...
RHEL 8 : openssh (RHSA-2024:3166)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3166 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary f...
Moderate: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
CentOS 8 : openssh (CESA-2024:3166)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3166 advisory. - scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE...
Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: scp allows command injection when using backtick characters in the destination...
ALSA-2024:3166 Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: scp allows command injection when using backtick characters in the destination...
RHEL 6 : openssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent CVE-2016-10009 - openssh: scp allows command...
F5 Networks BIG-IP : SCP vulnerability (K04305530)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K04305530 advisory. scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick...
CVE-2023-38336
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...
Command injection
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...
CVE-2023-38336
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...