39 matches found
EUVD-2025-23997
Malicious code in bioql PyPI...
Do Not Preset authorized_keys for the SSH Service
authorized_keys specifies the public key of the remote host. You can store the public key in the $HOME/.ssh/authorized_keys file in the home directory for public key authentication. Then you can directly log in to the system. If authorized_keys is preset in the system and public and private key...
Linux Distros Unpatched Vulnerability : CVE-2024-39223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to...
Exploit for Missing Authentication for Critical Function in Erlang Erlang/Otp
CVE-2025-32433 – Erlang/OTP SSH RCE Vulnerability 📌 Summary...
PT-2025-33095
Name of the Vulnerable Software and Affected Versions: Sysax Multi Server versions prior to 5.55 Description: Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker provides an overly long username during authentication, the serv...
CVE-2025-8731
A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-8731
TRENDnet CVE-2025-8731 affects TI-G160i, TI-PG102i and TPL-430AP (up to 20250724) with the SSH Service using default credentials. Several sources confirm remote exploitation is possible and that the exploit has been publicly disclosed. Mitigation in publicly released documents centers on credenti...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation via a vulnerable LeeEirc\crypto dependency. An attacker can utilize a disclosed public key to attempt brute-force authentication against the SSH service. Note: While the vulnerability exists in...
CVE-2024-20526
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. A...
PT-2024-13560 · Rexroth +1 · Nexo Cordless Nutrunner Nxa011S-36V +8
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account. There is no information...
Cisco Catalyst SD-WAN Manager Security Vulnerability
Cisco Catalyst is a family of switches from Cisco USA. A security vulnerability exists in Cisco Catalyst SD-WAN Manager, which stems from a vulnerability in the SSH service, where an unauthenticated, remote attacker could cause the process to crash, resulting in a DoS condition for SSH access onl...
CVE-2022-45430
Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could enable or disable the SSHD service...
CVE-2022-22899
Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service...
PT-2022-15725 · Unknown · Core Ftp Server
Name of the Vulnerable Software and Affected Versions: Core FTP / SFTP Server version 2 Build 725 Description: The issue allows unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service. Recommendations: For Core FTP / SFTP Server version 2 Build 725,...
Cisco StarOS Operating System Resource Management Error Vulnerability
Cisco StarOS is a router operating system that controls the entire system logic and can control processes and CLIs. A denial of service vulnerability exists in the SSH service for Cisco StarOS 21.9.0 - 21.19.10. The vulnerability stems from a logic error that can occur under certain traffic...
Moxa AWK-3131A Operating System Command Injection Vulnerability
Moxa AWK-3131A is a wireless access device from Moxa. An operating system command injection vulnerability exists in the Telnet, SSH, and console login functions of the Moxa AWK-3131A using firmware versions 1.4 through 1.7. A remote attacker can exploit this vulnerability to execute root OS...
Schneider Electric Pelco Sarix Professional Unauthorized Operation Vulnerability
The Schneider Electric Pelco Sarix Professional is a video surveillance device from Schneider Electric France. A security vulnerability exists in the Schneider Electric Pelco Sarix Professional using firmware prior to version 3.29.67, which stems from the program failing to perform authentication...
CVE-1999-0634
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description i...