2249 matches found
PLANET switch devices Security Vulnerability
PLANET switch devices are a series of switch devices from PLANET China. A security vulnerability exists in PLANET switch devices, which arises from the SSH service mishandling connection requests that are not adequately authenticated, allowing unauthorized remote attackers to exploit this weaknes...
The vulnerability in the implementation of the SSH server of the Cisco Catalyst Center (formerly Cisco DNA Center) allows an attacker to carry out a spoofing attack.
The vulnerability of the SSH-server implementation in the Cisco Catalyst Center (formerly Cisco DNA Center) network infrastructure management system is related to the use of cryptographic algorithms for encryption with a hard-coded key. Exploiting this vulnerability could allow a malicious act...
HashiCorp Vault Enterprise and HashiCorp Vault Community Edition Security Vulnerability
HashiCorp Vault Enterprise and HashiCorp Vault Community Edition are both products of HashiCorp, Inc. of the U.S.A. HashiCorp Vault Enterprise is an enterprise information archiving platform, and HashiCorp...
PT-2024-12050 · Nokia · Bts
Name of the Vulnerable Software and Affected Versions: BTS (affected versions not specified). Description: The issue concerns an information disclosure vulnerability. Mobile network operator personnel connected over BTS Web Element Manager can read BTS service operation details performed by Nokia Ca...
CVE-2020-11847
An SSH-authenticated user accessing the PAM server can execute an OS command to gain full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1...
Russh Security Vulnerability
Russh is a Rust SSH client and server-side library from the individual developers at Eugene. A security vulnerability exists in Russh that stems from allocating an untrusted amount of memory...
FreeBSD Security Vulnerability
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from a signal handler in sshd(8) that may call logging functions that are not async-signal-safe, leading to a race condition that can be exploited by an attacker to execu...
PT-2024-8964 · Brocade · Brocade Fabric Os
Name of the Vulnerable Software and Affected Versions: Brocade Fabric OS versions prior to 9.2.2. Description: The issue is related to weaknesses in the authentication procedure of Brocade Fabric OS, allowing a remote attacker to hijack a service session. This could be achieved through...
The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 allows an attacker to execute arbitrary operating system commands with root privileges.
The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the use of pre-installed credentials due to incorrect processing of the MAC address sequence. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating syste...
CVE-2024-31970
AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...
AdTran SRG 834-5 HDC17600021F1 Operating System Command Injection Vulnerability
The AdTran SRG 834-5 HDC17600021F1 is a Gigabit Ethernet gateway from Adtran USA. An operating system command injection vulnerability exists in AdTran SRG 834-5 HDC17600021F1 SmartOS version 11.1.1.1, which can be exploited to execute arbitrary operating system commands with root privileges by...
AdTran SRG 834-5 HDC17600021F1 Security Vulnerability
The AdTran SRG 834-5 HDC17600021F1 is a Gigabit Ethernet gateway from Adtran USA. A security vulnerability exists in the AdTran SRG 834-5 HDC17600021F1 SmartOS version 11.1.1.1, which stems from the device having SSH enabled by default, which allows an attacker to gain unauthorized root access by...
CVE-2021-43565
...
CVE-2024-39562
A Missing Release of Resource after Effective Lifetime vulnerability in the xinetd process, responsible for spawning SSH daemon (sshd) instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS) by blocking SSH access for legitimate...
Juniper Networks Junos OS Evolved Security Vulnerability
Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS system. A security vulnerability exists in Juniper Networks Junos OS Evolved that allows an attacker to cause a denial of service (DoS) by blocking SSH access to a legitimate user...
PT-2024-10054 · Lenovo · Lenovo Xclarity Controller
Name of the Vulnerable Software and Affected Versions: Lenovo XClarity Controller (XCC) (affected versions not specified). Description: A privilege escalation issue was found in the web interface or SSH captive command shell interface of XCC. This could allow an authenticated XCC user with elevated...
CVE-2024-6580
The /n software IPWorks SSH library SFTPServer component can be induced to make unintended filesystem or network path requests when loading an SSH public key or certificate. To be exploitable, an application calling the SFTPServer component must grant user access without verifying the SSH public k...
Gogs Security Vulnerability
Gogs (Go Git Service) is a self-service Git hosting service based on the Go language by the GOGS team, which supports creating and migrating public/private repositories, adding and deleting repository collaborators, and so on. A security vulnerability exists in Gogs version 0.13.0, which stems from...
GO Simple Tunnel Security Vulnerability
GO Simple Tunnel is a Go language implementation of a secure tunnel by individual developer ginuerzh. A security vulnerability exists in GO Simple Tunnel version 2.11.5, which stems from an authentication bypass issue in the SSH service that allows an attacker to intercept communication via a...
DEBIAN-CVE-2024-39894
OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur...