Lucene search
K

110 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:23 a.m.9 views

CVE-2024-29954

A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the...

5.9CVSS6.7AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:48 a.m.4 views

CVE-2024-20262

A vulnerability in the Secure Copy Protocol SCP and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system directory, which could lead to a denial of service DoS condition. The attacker would require valid user credentials to...

6.5CVSS6.8AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:43 a.m.5 views

CVE-2023-20186

A vulnerability in the Authentication, Authorization, and Accounting AAA feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy...

9.1CVSS7.2AI score0.00586EPSS
Exploits0References1
OSV
OSV
added 2025/05/05 3:15 a.m.2 views

CVE-2025-20668

In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027...

7.8CVSS5.8AI score0.0009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:24 a.m.9 views

CVE-2024-20449

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS7.8AI score0.00938EPSS
Exploits0References1
OSV
OSV
added 2024/10/02 5:15 p.m.1 views

CVE-2024-20449

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS6.2AI score
Exploits0References1
Cvelist
Cvelist
added 2024/10/02 4:54 p.m.20 views

CVE-2024-20449 Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS0.00938EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/02 4:54 p.m.12 views

CVE-2024-20449 Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation. An attacker could exploit this vulnerability by using the Secur...

8.8CVSS7.8AI score0.00938EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/02 12:0 a.m.9 views

PT-2024-8633 · Cisco · Cisco Nexus Dashboard Fabric Controller

Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard Fabric Controller NDFC affected versions not specified Description: The issue is related to improper path validation in the Cisco Nexus Dashboard Fabric Controller NDFC, which could allow an authenticated, remote attacke...

9CVSS7.9AI score0.00938EPSS
Exploits0References9
Cisco
Cisco
added 2024/03/13 4:0 p.m.19 views

Cisco IOS XR Software Authenticated CLI Secure Copy Protocol and SFTP Denial of Service Vulnerability

A vulnerability in the Secure Copy Protocol SCP and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system directory, which could lead to a denial of service DoS condition. The attacker would require valid user credentials to...

6.5CVSS6.5AI score0.00146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.4 views

PT-2024-2575 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the Secure Copy Protocol SCP and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system...

6.5CVSS7.1AI score0.00146EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.3 views

Cisco IOS XR Security Vulnerability

Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that stems from a flaw in the Secure Copy Protocol SCP and SFTP functionality that could allow an authenticated, local attacker to create or overwrite files in the syste...

6.5CVSS6.4AI score0.00146EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/01/06 12:0 a.m.8 views

The vulnerability of the PAN-OS operating system’s web interface allows attackers to obtain credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP.

The vulnerability of the PAN-OS operating system’s web interface is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to obtain login credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+,...

6.1CVSS6.5AI score0.00624EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2023/09/27 4:0 p.m.67 views

Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability

A vulnerability in the Authentication, Authorization, and Accounting AAA feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy...

8CVSS8.7AI score0.00586EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.5 views

Cisco IOS Security Vulnerabilities

Cisco IOS is an operating system developed by Cisco for its network devices. A security vulnerability exists in the Cisco IOS software and Cisco IOS XE, which stems from a vulnerability in the authentication, authorization, and billing AAA functionality that could allow an authenticated, remote...

9.1CVSS6.9AI score0.00586EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.1 views

SUSE CVE-2016-2563

Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...

9.8CVSS8.1AI score0.34216EPSS
Exploits4References3
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.3 views

PT-2022-7009 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Authentication, Authorization, and Accounting AAA feature could allow an authenticated, remote attacker to bypass command...

9.1CVSS7.3AI score0.00586EPSS
Exploits0References13
Rockylinux
Rockylinux
added 2022/09/20 11:38 a.m.18 views

openssh bug fix update

An update is available for openssh. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...

1AI score
Exploits0
OSV
OSV
added 2022/05/05 5:15 p.m.4 views

CVE-2022-26340

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, an authenticated, high-privileged attacke...

4.9CVSS5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/05/04 12:0 a.m.27 views

F5 Networks BIG-IP : BIG-IP and BIG-IQ SCP vulnerability (K38271531)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K38271531 advisory. An authenticated, high-privileged attacker with no bash accessmay be able to access...

4.9CVSS5.5AI score0.00435EPSS
Exploits0References2
Rows per page
Query Builder