Lucene search
K

54 matches found

OSV
OSV
added 2022/07/20 1:15 p.m.1 views

CVE-2022-24657

Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow attackers to remotely connect via the SSH protocol port 22...

9.8CVSS5.8AI score0.00934EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.8 views

Microsoft Visual Studio Code Code Injection Vulnerability

Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Visual Studio Code. The following products and versions are affected:Visual Studio Code Remote - SSH Extension...

7.8CVSS7.2AI score0.03552EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2020/02/23 12:0 a.m.84 views

Go SSH 0.0.2 Denial Of Service

Exploit Title: Go SSH servers 0.0.2 - Denial of Service PoC Author: Mark Adams Date: 2020-02-21 Link: https://github.com/mark-adams/exploits/blob/master/CVE-2020-9283/poc.py CVE: CVE-2020-9283 Running this script may crash the remote SSH server if it is vulnerable. The GitHub repository contains ...

7.8AI score0.21052EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2019/10/31 12:0 a.m.95 views

Amazon Linux AMI : openssh (ALAS-2019-1313)

An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle attacker can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This...

6.8CVSS7.2AI score0.58204EPSS
Exploits9References4
OSV
OSV
added 2019/08/23 6:15 p.m.3 views

CVE-2019-1580

Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon SSHD and corrupt arbitrary memory...

9.8CVSS5.9AI score0.03219EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.32 views

NewStart CGSL MAIN 4.05 : openssh-latest Vulnerability (NS-SA-2019-0157)

The remote NewStart CGSL host, running version MAIN 4.05, has openssh-latest packages installed that are affected by a vulnerability: - In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact i...

5.3CVSS7AI score0.03681EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/31 12:0 a.m.109 views

Amazon Linux 2 : openssh (ALAS-2019-1216)

An issue was discovered in OpenSSH. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are prevented. A...

6.8CVSS7.2AI score0.58204EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.64 views

EulerOS Virtualization 3.0.1.0 : openssh (EulerOS-SA-2019-1426)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, whi...

6.8CVSS7.3AI score0.98631EPSS
Exploits32References6
OSV
OSV
added 2019/04/29 6:2 a.m.13 views

SUSE-SU-2019:0125-2 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
NVD
NVD
added 2019/04/18 10:29 p.m.15 views

CVE-2019-9160

WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH on TCP port 22345 and escalate to root because the password for root is the WebUI admin password concatenated with a static string...

10CVSS9.7AI score0.03185EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/04/18 9:58 p.m.17 views

CVE-2019-9160

WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH on TCP port 22345 and escalate to root because the password for root is the WebUI admin password concatenated with a static string...

9.8AI score0.03185EPSS
Exploits0References1
OSV
OSV
added 2019/03/23 10:50 a.m.14 views

OPENSUSE-SU-2019:0091-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.6AI score0.58204EPSS
Exploits10References9
Tenable Nessus
Tenable Nessus
added 2019/01/29 12:0 a.m.53 views

openSUSE Security Update : openssh (openSUSE-2019-91)

This update for openssh fixes the following issues : Security issues fixed : - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers ...

6.8CVSS7.1AI score0.58204EPSS
Exploits10References8
OPENSUSE Linux
OPENSUSE Linux
added 2019/01/28 12:0 a.m.173 views

Security update for openssh (important)

openSUSE Security Update: Security update for openssh Announcement ID: openSUSE-SU-2019:0091-1 Rating: important References: 1121571 1121816 1121818 1121821 Cross-References: CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 Affected Products: openSUSE Leap 15.0 An update that fixes four...

6.8CVSS6.9AI score0.58204EPSS
Exploits10References4
Tenable Nessus
Tenable Nessus
added 2019/01/22 12:0 a.m.84 views

SUSE SLES11 Security Update : openssh (SUSE-SU-2019:13931-1)

This update for openssh fixes the following issues : Security issue fixed : CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS7.1AI score0.58204EPSS
Exploits10References13
OSV
OSV
added 2019/01/18 3:30 p.m.14 views

SUSE-SU-2019:13931-1 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
OSV
OSV
added 2019/01/18 1:19 p.m.12 views

SUSE-SU-2019:0125-1 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
RedhatCVE
RedhatCVE
added 2019/01/14 2:49 a.m.70 views

CVE-2018-20685

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. Mitigation This issue only affects the users of scp binary which...

5.3CVSS3.4AI score0.03681EPSS
Exploits0References2
OSV
OSV
added 2019/01/10 9:29 p.m.102 views

CVE-2018-20685

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side...

5.3CVSS5.5AI score
Exploits0References14
Prion
Prion
added 2019/01/10 9:29 p.m.312 views

Directory traversal

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side...

2.6CVSS6AI score0.03681EPSS
Exploits0References14Affected Software17
Rows per page
Query Builder