2249 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-1235
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The oarsh script in OAR before 2.5.7 allows remote authenticated users of a cluster to obtain sensitive information and possibly gain privileges via vectors...
Linux Distros Unpatched Vulnerability : CVE-2008-3234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by...
SUSE: Security Advisory (SUSE-SU-2025:02718-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 4.0: Libssh PHSA-2025-4.0-0856
An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0856. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Linux Distros Unpatched Vulnerability : CVE-2017-3204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to...
CVE-2025-36120
IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources...
Linux Distros Unpatched Vulnerability : CVE-2025-47203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used. CVE-2025-47203 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2018-15599
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The recvmsguserauthrequest function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how...
Linux Distros Unpatched Vulnerability : CVE-2023-38408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded...
CVE-2025-36120
IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources...
CVE-2025-36120
IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources...
CVE-2025-36120 IBM Storage Virtualize privilege escalation
IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources...
CVE-2025-36120
CVE-2025-36120 affects IBM Storage Virtualize 8.4–8.7 and can allow an authenticated user to escalate privileges in an SSH session due to incorrect authorization checks when accessing resources. The IBM Security Bulletin details the vulnerability under CWE-863 (Incorrect Authorization) and lists ...
PT-2025-33650 · Ibm · Ibm Storage Virtualize
Name of the Vulnerable Software and Affected Versions: IBM Storage Virtualize versions 8.4 through 8.7 Description: An authenticated user may be able to escalate their privileges within an SSH session due to incorrect authorization checks when accessing resources. Recommendations: IBM Storage...
Linux Distros Unpatched Vulnerability : CVE-2019-17069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1MSGDISCONNECT message...
CVE-2025-20265
A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input...
CVE-2012-10060
Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...
CVE-2025-20265
A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input...
CVE-2012-10060
Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...
CVE-2012-10060
Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...