
2249 matches found

Positive Technologies
added 2025/08/08 12:0 a.m. · 12 views

PT-2025-32366 · Trendnet · Tpl-430Ap +2

Name of the Vulnerable Software and Affected Versions: TRENDnet TI-G160i versions up to 20250724; TRENDnet TI-PG102i versions up to 20250724; TRENDnet TPL-430AP versions up to 20250724. Description: A critical vulnerability exists in the SSH Service component of TRENDnet devices. The issue involves...

CVSS 10 · AI score 9.4 · EPSS 0.00585
Exploits 0 · References 12
CNNVD
added 2025/08/05 12:0 a.m. · 2 views

FIRSTNUM JC21A-04 security vulnerability

The FIRSTNUM JC21A-04 is a router from the Chinese company FIRSTNUM. A security vulnerability exists in the FIRSTNUM JC21A-04 version 2.01ME/FN and prior versions, which stems from the SSH service being enabled by default and using root/admin credentials...

CVSS 6.5 · AI score 6.7 · EPSS 0.00234
Exploits 0 · References 3
SUSE CVE
added 2025/08/04 11:25 p.m. · 5 views

SUSE CVE-2025-5689

A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user logging in for the first time will be considered to be part of the root group in the context of that SSH session...

CVSS 8.5 · AI score 6.6 · EPSS 0.0025
Exploits 0 · References 2
OSV
added 2025/08/04 7:15 p.m. · 2 views

CVE-2025-38741

Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication...

CVSS 7.5 · AI score 5.8 · EPSS 0.00355
Exploits 0 · References 1
RedHat Linux
added 2025/08/04 4:35 p.m. · 4 views

xorg-x11-server: XIPassiveUngrab out-of-bounds access

A vulnerability was found in X.Org. This issue occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code...

CVSS 8.8 · AI score 6.4 · EPSS 0.02516
Exploits 0 · References 4
RedHat Linux
added 2025/08/04 4:35 p.m. · 5 views

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

CVSS 7.8 · AI score 6.5 · EPSS 0.0142
Exploits 0 · References 4
RedHat Linux
added 2025/08/04 4:35 p.m. · 2 views

xorg-x11-server: XvdiSelectVideoNotify use-after-free

A vulnerability was found in X.Org. This flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding...

CVSS 8.8 · AI score 6.3 · EPSS 0.01303
Exploits 0 · References 4
RedHat Linux
added 2025/08/04 4:35 p.m. · 4 views

xorg-x11-server: XTestSwapFakeInput stack overflow

A vulnerability was found in X.Org. The issue occurs due to the swap handler for the XTestFakeInput request of the XTest extension, possibly corrupting the stack if GenericEvents with lengths larger than 32 bytes are sent through the XTestFakeInput request. This flaw can lead to local privilege...

CVSS 8.8 · AI score 6.4 · EPSS 0.02422
Exploits 0 · References 4
CNNVD
added 2025/08/04 12:0 a.m. · 4 views

RUCKUS SmartZone security vulnerability

RUCKUS SmartZone is a network controller from RUCKUS. A security vulnerability exists in versions prior to the RUCKUS SmartZone 6.1.2p3 Refresh Build, which stems from hard-coded SSH private keys and could lead to a security risk...

CVSS 9.8 · AI score 9.1 · EPSS 0.00679
Exploits 0 · References 4
CNNVD
added 2025/08/04 12:0 a.m. · 5 views

Dell Enterprise SONiC OS security vulnerability

DELL Enterprise SONiC OS is an open source network operating system developed by Dell and designed for data center and cloud computing scenarios. DELL Enterprise SONiC OS has a cryptographic key vulnerability in SSH, which can be exploite...

CVSS 7.5 · AI score 6.5 · EPSS 0.00355
Exploits 0 · References 1
RedHat Linux
added 2025/07/31 6:33 a.m. · 6 views

konsole: Konsole Remote Code Execution Vulnerability

A flaw was found in Konsole. The application's handling of URLs using scheme handlers like ssh://, telnet://, or rlogin:// allows a remote attacker to trigger arbitrary code execution. This issue occurs when a user opens a specially crafted URL, bypassing authentication checks. Consequently, a...

CVSS 8.2 · AI score 6.2 · EPSS 0.00551
Exploits 0 · References 10
Fedora
added 2025/07/30 1:29 a.m. · 4 views

[SECURITY] Fedora 41 Update: cloud-init-24.2-4.fc41

Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install ssh keys and to let the user run various scripts...

CVSS 8.8 · AI score 7.3 · EPSS 0.00205
Exploits 0
Fedora
added 2025/07/30 1:23 a.m. · 4 views

[SECURITY] Fedora 42 Update: cloud-init-24.2-5.fc42

Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install ssh keys and to let the user run various scripts...

CVSS 8.8 · AI score 7.3 · EPSS 0.00205
Exploits 0
ATTACKERKB
added 2025/07/25 12:0 a.m. · 4 views

CVE-2025-29629

Gardyn Home Kit firmware before master.619, Home Kit Mobile Application before 2.11.0, and Home Kit Cloud API before 2.12.2026 uses weak default credentials for secure shell access. This may result in attackers gaining access to exposed Gardyn Home Kits...

CVSS 9.1 · AI score 5.3 · EPSS 0.00464
Exploits 2 · References 5
OSV
added 2025/07/17 1:12 p.m. · 1 views

USN-7443-3 erlang vulnerability

USN-7443-1 fixed a vulnerability in Erlang. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP's SSH module incorrectly handled authenticatio...

CVSS 10 · AI score 7.4 · EPSS 0.97673
Exploits 36 · References 2
Microsoft CVE
added 2025/07/11 7:0 a.m. · 2 views

Erlang/OTP SSH Has Strict KEX Violations

...

CVSS 3.7 · AI score 7 · EPSS 0.00439
Exploits 0
Packet Storm News
added 2025/07/11 12:0 a.m. · 4 views

SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH

We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...

AI score 7.4
Exploits 0
OSV
added 2025/07/08 7:15 a.m. · 1 views

CVE-2025-24006

A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root...

CVSS 7.8 · AI score 5.8 · EPSS 0.00112
Exploits 0 · References 1
CNNVD
added 2025/07/08 12:0 a.m. · 3 views

PHOENIX CONTACT CHARX SEC input validation error vulnerability

The PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. The PHOENIX CONTACT CHARX SEC has an input validation error vulnerability: a local attacker can exploit a vulnerable script via SSH and elevate privileges to root due...

CVSS 7.8 · AI score 6.5 · EPSS 0.00125
Exploits 0 · References 1
BDU FSTEC
added 2025/07/07 12:0 a.m. · 2 views

The vulnerability of the Konsole terminal emulator in the KDE desktop environment allows a hacker to execute arbitrary code.

The vulnerability of the Konsole terminal emulator in the KDE desktop environment is related to the improper handling of control flows when processing URL schemes like telnet://, rlogin://, and ssh://. Exploiting this vulnerability allows a remote attacker to execute arbitrary code when a user...

CVSS 8.2 · AI score 7.9 · EPSS 0.00551
Exploits 0 · References 9 · Affected Software 5