110 matches found
CVE-2024-29954
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the...
CVE-2024-20262
A vulnerability in the Secure Copy Protocol SCP and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system directory, which could lead to a denial of service DoS condition. The attacker would require valid user credentials to...
CVE-2023-20186
A vulnerability in the Authentication, Authorization, and Accounting AAA feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy...
CVE-2025-20668
In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027...
CVE-2024-20449
A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...
CVE-2024-20449
A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...
CVE-2024-20449 Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability
A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...
CVE-2024-20449 Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability
A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...
PT-2024-8633 · Cisco · Cisco Nexus Dashboard Fabric Controller
Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard Fabric Controller NDFC affected versions not specified Description: The issue is related to improper path validation in the Cisco Nexus Dashboard Fabric Controller NDFC, which could allow an authenticated, remote attacke...
Cisco IOS XR Software Authenticated CLI Secure Copy Protocol and SFTP Denial of Service Vulnerability
A vulnerability in the Secure Copy Protocol SCP and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system directory, which could lead to a denial of service DoS condition. The attacker would require valid user credentials to...
PT-2024-2575 · Cisco · Cisco Ios Xr
Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the Secure Copy Protocol SCP and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that stems from a flaw in the Secure Copy Protocol SCP and SFTP functionality that could allow an authenticated, local attacker to create or overwrite files in the syste...
The vulnerability of the PAN-OS operating system’s web interface allows attackers to obtain credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP.
The vulnerability of the PAN-OS operating system’s web interface is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to obtain login credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+,...
Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability
A vulnerability in the Authentication, Authorization, and Accounting AAA feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy...
Cisco IOS Security Vulnerabilities
Cisco IOS is an operating system developed by Cisco for its network devices. A security vulnerability exists in the Cisco IOS software and Cisco IOS XE, which stems from a vulnerability in the authentication, authorization, and billing AAA functionality that could allow an authenticated, remote...
SUSE CVE-2016-2563
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...
PT-2022-7009 · Cisco · Cisco Ios Xe +1
Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Authentication, Authorization, and Accounting AAA feature could allow an authenticated, remote attacker to bypass command...
openssh bug fix update
An update is available for openssh. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...
CVE-2022-26340
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, an authenticated, high-privileged attacke...
F5 Networks BIG-IP : BIG-IP and BIG-IQ SCP vulnerability (K38271531)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K38271531 advisory. An authenticated, high-privileged attacker with no bash accessmay be able to access...