Lucene search
K

35 matches found

OSV
OSV
added 2 days ago3 views

CVE-2026-58065 Apache Airflow Git provider: Git provider hook defaults to StrictHostKeyChecking=no, disabling SSH host-key verification

The Apache Airflow Git provider runs its git-over-SSH operations with StrictHostKeyChecking=no by default, disabling SSH host-key verification. An attacker who can intercept the network path between an Airflow worker and the Git server can impersonate the server man-in-the-middle, capturing the S...

8.1CVSS6.1AI score0.00461EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/25 11:53 p.m.6 views

CVE-2025-15661

A flaw in libssh2's sftpsymlink function allows a malicious SSH server or man-in-the-middle attacker to trigger an out-of-bounds heap read via a crafted SSHFXPNAME response. This can disclose heap memory contents or crash the application, causing a denial of service DoS. Mitigation Implement stri...

8.3CVSS7.1AI score0.00267EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/03/25 10:6 p.m.17 views

n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no

Impact When the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server could intercept the connection and present a fraudulent host key,...

7.4CVSS5.8AI score0.00288EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/25 6:26 p.m.35 views

CVE-2026-33724 n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no

n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...

6.3CVSS0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-0999

Malware in sbrugna...

9.8CVSS9.2AI score0.0187EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-57969

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.04459EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.27 views

EUVD-2024-47644

Malicious code in bioql PyPI...

7.4CVSS6.4AI score0.00338EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/29 8:38 p.m.4 views

CVE-2025-34207 Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...

7.9CVSS6.5AI score0.00621EPSS
Exploits0References4
Broadcom
Broadcom
added 2024/11/12 12:0 a.m.9 views

Brocade Fabric OS before 9.2.2 does not enforce strict host key checking

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...

7.1CVSS6.9AI score0.00243EPSS
Exploits1
NVD
NVD
added 2024/09/09 10:15 a.m.26 views

CVE-2024-6572

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

7.4CVSS0.00338EPSS
Exploits0References1
OSV
OSV
added 2024/09/09 10:15 a.m.70 views

UBUNTU-CVE-2024-6572

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

7.4CVSS5.8AI score0.00338EPSS
Exploits0References2
OSV
OSV
added 2024/09/09 9:39 a.m.7 views

CVE-2024-6572 Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem'

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

6.3CVSS6AI score0.00338EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/09 9:39 a.m.19 views

CVE-2024-6572 Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem'

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

6.3CVSS6.8AI score0.00338EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/09 12:0 a.m.11 views

PT-2024-37728 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p15 Checkmk versions prior to 2.2.0p33 Checkmk versions prior to 2.1.0p48 Checkmk version 2.0.0 Description: The issue concerns improper host key checking in the active check 'Check SFTP Service' and the special...

7.4CVSS7AI score0.00338EPSS
Exploits0References15
OpenSSL
OpenSSL
added 2024/05/16 12:0 a.m.109 views

Vulnerability in OpenSSL - Excessive time spent checking DSA keys and parameters

Issue summary : Checking excessively long DSA keys or parameters may be very slow. Impact summary : Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checke...

5.6AI score0.01131EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.4 views

PT-2024-33190 · Satellite · Satellite

Name of the Vulnerable Software and Affected Versions: Satellite affected versions not specified Description: A vulnerability was found in Satellite where the host's SSH key is not being checked when running a remote execution job on a host. This is due to the use of "-o StrictHostKeyChecking=no"...

6.8CVSS7.2AI score0.00612EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/30 10:36 a.m.5 views

openssl: Excessive time spent checking DH keys and parameters

A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

5.3CVSS6.8AI score0.05533EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/02/20 12:0 a.m.54 views

Oracle Linux 8 : edk2 (ELSA-2024-0888)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0888 advisory. 20220126gitbb1bba3d77-6.el89.3 - edk2-Bumped-openssl-submodule-version-to-cf317b2bb227.patch RHEL-7560 - Resolves: RHEL-7560 CVE-2023-3446 edk2: openssl:...

5.3CVSS6.5AI score0.05533EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.35 views

EulerOS 2.0 SP5 : shim-signed (EulerOS-SA-2024-1165)

According to the versions of the shim-signed package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact...

5.3CVSS6.5AI score0.04459EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.40 views

EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1074)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary...

5.3CVSS6.6AI score0.04459EPSS
Exploits0References2
Rows per page
Query Builder