Lucene search
K

157 matches found

Tenable Nessus
Tenable Nessus
added 2024/03/21 12:0 a.m.40 views

EulerOS Virtualization 2.9.0 : libssh2 (EulerOS-SA-2024-1470)

According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacke...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/03/21 12:0 a.m.23 views

EulerOS Virtualization 2.9.1 : openssh (EulerOS-SA-2024-1460)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

6.5CVSS7.2AI score0.93305EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.37 views

EulerOS 2.0 SP11 : libssh2 (EulerOS-SA-2024-1239)

According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.36 views

EulerOS 2.0 SP10 : libssh2 (EulerOS-SA-2024-1317)

According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.28 views

EulerOS 2.0 SP11 : python-paramiko (EulerOS-SA-2024-1224)

According to the versions of the python-paramiko package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.38 views

EulerOS 2.0 SP11 : libssh2 (EulerOS-SA-2024-1217)

According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.147 views

RHEL 8 / 9 : OpenShift Container Platform 4.15.0 (RHSA-2023:7201)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7201 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.3AI score0.99999EPSS
Exploits23References16
Tenable Nessus
Tenable Nessus
added 2024/02/06 12:0 a.m.40 views

SUSE SLED15: bouncycastle / bouncycastle-javadoc / bouncycastle-jmail / etc (SUSE-SU-2024:0327-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0327-1 advisory. - Updated jsch to version 0.2.15: - CVE-2023-48795: Fixed a prefix truncation issue that could lead to...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2024/01/25 12:0 a.m.27 views

Debian dla-3719 : php-seclib - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3719 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3719-1 [email protected] https://www.debian.org/lts/security/...

5.9CVSS7.2AI score0.93305EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2024/01/19 12:0 a.m.29 views

Fedora 38 : podman (2024-06ebb70bdd)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-06ebb70bdd advisory. Automatic update for podman-4.8.3-1.fc38. Changelog for podman Wed Jan 03 2024 Packit - 5:4.8.3-1 - packit 4.8.3 upstream release Tenable has extracted the...

5.9CVSS7AI score0.93305EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.26 views

Debian dsa-5599 : php-seclib - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5599 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2024/01/11 12:0 a.m.214 views

Ubuntu 16.04 ESM / 18.04 ESM : OpenSSH vulnerabilities (USN-6560-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6560-2 advisory. USN-6560-1 fixed several vulnerabilities in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

6.5CVSS7.1AI score0.93305EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2024/01/10 12:0 a.m.32 views

Fedora 39 : putty (2024-d946b9ad25)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d946b9ad25 advisory. Security fix for CVE-2023-48795. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2023/12/20 12:0 a.m.40 views

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current proftpd Vulnerability (SSA:2023-354-01)

The version of proftpd installed on the remote host is prior to 1.3.8b. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-354-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2023/12/20 12:0 a.m.66 views

FreeBSD : putty -- add protocol extension against 'Terrapin attack' (91955195-9ebb-11ee-bc14-a703705db3a6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 91955195-9ebb-11ee-bc14-a703705db3a6 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2023/12/19 12:0 a.m.176 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : OpenSSH vulnerabilities (USN-6560-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6560-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If...

9.8CVSS7AI score0.93305EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2023/12/18 12:0 a.m.119 views

Amazon Linux 2 : openssh (ALAS-2023-2376)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2376 advisory. AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A...

5.9CVSS6.8AI score0.93305EPSS
Exploits4References4
NVD
NVD
added 2022/09/20 10:15 p.m.29 views

CVE-2022-39220

SFTPGo is an SFTP server written in Go. Versions prior to 2.3.5 are subject to Cross-site scripting XSS vulnerabilities in the SFTPGo WebClient, allowing remote attackers to inject malicious code. This issue is patched in version 2.3.5. No known workarounds exist...

6.1CVSS0.00521EPSS
Exploits0References1
Prion
Prion
added 2022/09/20 10:15 p.m.12 views

Cross site scripting

SFTPGo is an SFTP server written in Go. Versions prior to 2.3.5 are subject to Cross-site scripting XSS vulnerabilities in the SFTPGo WebClient, allowing remote attackers to inject malicious code. This issue is patched in version 2.3.5. No known workarounds exist...

5.8CVSS6.1AI score0.00521EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/20 10:10 p.m.7 views

CVE-2022-39220 XSS Vulnerabilities in WebClient

SFTPGo is an SFTP server written in Go. Versions prior to 2.3.5 are subject to Cross-site scripting XSS vulnerabilities in the SFTPGo WebClient, allowing remote attackers to inject malicious code. This issue is patched in version 2.3.5. No known workarounds exist...

6.1CVSS6.2AI score0.00521EPSS
Exploits0References1
Rows per page
Query Builder