Lucene search
+L

6 matches found

cvelist
cvelist
added 5 hours ago9 views

CVE-2026-45695 Kopia: Unauthenticated RCE via SSH ProxyCommand Injection when --insecure --without-password is used

Kopia is a cross-platform backup tool for Windows, macOS, and Linux with fast incremental backups, client-side end-to-end encryption, compression, and data deduplication. Prior to 0.23.0, Kopia's HTTP server started with --without-password accepts unauthenticated requests to /api/v1/repo/exists a...

9.8CVSS0.00109EPSS
Exploits0References4
exploitdb
exploitdb
added 2026/05/21 12:0 a.m.135 views

Cockpit 359 - RCE

Exploit Title: Cockpit 359 - RCE Date: 18-04-2026 Exploit Author: @intx0x80 Vendor Homepage: https://cockpit-project.org/ Software Link: https://github.com/cockpit-project/cockpit Version: 327-359 Tested on: Debain CVE : CVE-2026-4631 import base64 import argparse import requests import urllib3...

9.8CVSS5.8AI score0.142EPSS
Exploits4
nessus
nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : libssh-0.9.6-14.el8 (AXSA:2024-8172:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8172:04 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values fo...

5.3CVSS5.8AI score0.01421EPSS
Exploits0References3
osv
osv
added 2024/03/04 2:39 p.m.6 views

CLSA-2024-1709563150 Fix CVE(s): CVE-2023-6004, CVE-2023-6918

SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to configparser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault -...

5.3CVSS6.8AI score0.01421EPSS
Exploits0References1
osv
osv
added 2024/03/04 2:27 p.m.7 views

CLSA-2024-1709562468 Fix CVE(s): CVE-2023-6004, CVE-2023-6918

SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to configparser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault -...

5.3CVSS6.8AI score0.01421EPSS
Exploits0References1
osv
osv
added 2024/03/04 10:21 a.m.6 views

CLSA-2024-1709547699 libssh: Fix of 2 CVEs

CVE-2023-6004: fix the possibility of injections through a hostname parameter in the ProxyCommand/ProxyJump features - CVE-2023-6918: fix the issue when unchecked return values for digests may cause DoS...

5.3CVSS6.7AI score0.01421EPSS
Exploits0References1
Rows per page
Query Builder