11 matches found
OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
A flaw was found in OpenSSH. This vulnerability allows the system to use unintended Elliptic Curve Digital Signature Algorithm ECDSA algorithms. This occurs because the configuration for accepted public key algorithms is misinterpreted, leading to the use of weaker cryptographic methods than...
OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions
A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...
RHEL 9 : buildah (RHSA-2026:12030)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:12030 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...
Siemens SCALANCE and RUGGEDCOM Missing Authentication for Critical Function (CVE-2025-32433)
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in SSH protocol message handling, a malicious actor...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.41 bug fix and security update
Red Hat OpenShift Container Platform release 4.17.41 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
PT-2023-4594 · Ibm · Vios +1
Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 VIOS version 3.1 Description: The issue is related to improper access controls in the OpenSSH implementation, which could allow a non-privileged local user to access files outside of those allowed. This could...
golang: crash in a golang.org/x/crypto/ssh server
A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Sophos Unified_Threat_Management_Software
SSHTron SSHTron is a multiplayer lightcycle game that runs through SSH. 通过下面命令连接到游戏: $ ssh 192.168.1.111:2022 Controls: WASD or vim keybindings to move do not use your arrow keys. Escape or Ctrl+C to exit. Want to choose color yourself? 有7种颜色可供选择: Red, Green, Yellow, Blue, Magenta, Cyan and White...
The vulnerability of the Secure Shell subsystem of the StarOS operating system and the Virtualized Packet Core management software allows a hacker to gain root privileges.
The vulnerability of the Secure Shell subsystem of the StarOS operating system and the Virtualized Packet Core management software is related to deficiencies in access control mechanisms lack of checks on parameters transmitted during SSH or SFTP connections. Exploiting this vulnerability allows ...
Cisco IOS XR SSH Link Termination Denial of Service Vulnerability
Cisco IOS XR is a member of the Cisco IOS software family and uses a microkernel-based distribution operating system architecture. A security vulnerability in Cisco IOS XR SSH handling allows a remote authenticated user to disconnect the SSH link making the vty unstable and subsequent SSH or Teln...
openssh: failure to check DNS SSHFP records in certain scenarios
It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record...