28 matches found
MAL-2026-2527 Malicious code in sjs-biginteger (npm)
sjs-biginteger typosquats big.js on npm. Published April 7, 2026 by throwaway account vanes.s.p.orit.a, the package ships legitimate big.js source and hides its payload in a dependency: sjs-lint-build1. On install, the dependency’s postinstall hook fetches the attacker’s SSH public key from a C2...
CVE-2025-59103
The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...
CVE-2025-59103
CVE-2025-59103 concerns the Access Manager 92xx hardware revision K7. The Red Hat/NVD/CVE entries describe an SSH service exposed on port 22 with two users that have hardcoded and weak passwords, allowing SSH access. A key root-cause is that password randomization on first deployment is condition...
PT-2026-4753
Name of the Vulnerable Software and Affected Versions Access Manager 92xx hardware revision K7 affected versions not specified Description The Access Manager 92xx hardware revision K7 utilizes a Linux-based operating system, differing from older revisions that used Windows CE. An SSH service is...
CVE-2025-53963
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with netwo...
CVE-2025-53963
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with netwo...
PT-2025-49036
Name of the Vulnerable Software and Affected Versions Thermo Fisher Ion Torrent OneTouch 2 INS1005527 affected versions not specified Description The devices run an SSH server accessible via port 22. The root account has a default password of ionadmin, and a password change policy is not enforced...
CVE-2023-0881
Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport of a commit regarding nftlookup without the subsequent fixes that were introduced after this commit. The resolution of this CVE introduces those commits to the linux-bluefield package...
UBUNTU-CVE-2023-0881
Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport of a commit regarding nftlookup without the subsequent fixes that were introduced after this commit. The resolution of this CVE introduces those commits to the linux-bluefield package...
The vulnerability of the SSH protocol implementation in the software for managing Brocade SANnav networks allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SSH protocol’s software for managing SAN networks in Brocade SANnav systems is related to the use of the outdated cryptographic algorithm SHA-1. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information by connecting to po...
CVE-2024-4282
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22...
CVE-2024-4282
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22...
Weak TLS Ciphers on Brocade SANnav OVA SSH port 22. (CVE-2024-4282)
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. Detail The SSH protocol Secure Shell is a method for secure remote login from one computer to another. The target is using deprecated SHA1 cryptographic settings to communicate. IMPACT: vulnerable to...
VMware Cloud Director Security Vulnerability
VMware Cloud Director is a cloud service delivery platform from VMware. The platform supports virtual datacenter creation, multi-site management, datacenter scaling and cloud migration, and cloud-native application development. A security vulnerability exists in VMware Cloud Director that could...
Canonical Ubuntu 输入验证错误漏洞
Canonical Ubuntu is a GNU/Linux operating system from UK-based Canonical that focuses on desktop applications. Canonical Ubuntu suffers from an input validation error vulnerability that originates from a service running on tcp port 22 that could trigger a kernel crash...
SUSE CVE-2018-6082
Including port 22 in the list of allowed FTP ports in Networking in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially enumerate internal host services via a crafted HTML page...
CVE-2022-30270
The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
CVE-2022-24657
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...
Goldshell ASIC Miners 信任管理问题漏洞
Goldshell ASIC Miners is a mining host from Goldshell China. A security vulnerability exists in Goldshell ASIC Miners version v2.1.x, which stems from the discovery of hard-coded credentials included that allow an attacker to connect remotely via SSH protocol port 22...