162 matches found
Astra Linux - уязвимость в curl
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
CVE-2025-13809
Summary: CVE-2025-13809 affects orionsec orion-ops (SSH Connection Handler) via the MachineInfoController, where manipulating arguments host/sshPort/username/password/authType can trigger server-side request forgery. The vulnerability is described across multiple sources as exploitable from remot...
CVE-2025-13809 orionsec orion-ops SSH Connection MachineInfoController.java server-side request forgery
A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...
CVE-2025-13809 orionsec orion-ops SSH Connection MachineInfoController.java server-side request forgery
A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...
PT-2025-48413
A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...
EUVD-2016-3446
Malware in sbrugna...
EUVD-2016-7316
Malware in sbrugna...
EUVD-2017-9707
Malware in sbrugna...
EUVD-2019-6295
Malware in sbrugna...
EUVD-2020-12545
Malware in sbrugna...
EUVD-2018-1117
Malware in sbrugna...
EUVD-2024-1670
Malicious code in bioql PyPI...
EUVD-2023-31293
Malicious code in bioql PyPI...
EUVD-2024-3287
Malicious code in bioql PyPI...
EUVD-2022-48982
Malicious code in bioql PyPI...
EUVD-2025-12541
Malicious code in bioql PyPI...
EUVD-2025-20791
Malicious code in bioql PyPI...
EUVD-2025-16890
Malicious code in bioql PyPI...
CVE-2025-27027
A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions...
CVE-2025-27027 Restricted shell evasion in Radiflow iSAP Smart Collector
A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions...