2248 matches found

CNNVD
added 2020/11/20 12:0 a.m., 5 views

Barco wePresent WiPG-1600W Security Vulnerability

Barco wePresent WiPG-1600W is a management appliance for conference environments from Barco Belgium. A security vulnerability exists in Barco wePresent WiPG-1600W 2.5.1.8 that stems from the inclusion of an SSH daemon. By default, the SSH daemon is disabled and is not started at system boot...

CVSS 7.5, AI score 7.2, EPSS 0.01673
Exploits: 6, References: 4

PyPA
added 2020/11/06 8:15 a.m., 4 views

PYSEC-2020-104

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection...

CVSS 9.8, AI score 7, EPSS 0.99585
Exploits: 5, References: 14, Affected Software: 1

OSV
added 2020/11/06 8:15 a.m., 0 views

UBUNTU-CVE-2020-16846

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection...

CVSS 9.8, AI score 7.1, EPSS 0.99585
Exploits: 5, References: 6

NCSC
added 2020/11/06 12:0 a.m., 2 views

Vulnerabilities fixed in Salt

Vulnerabilities have been fixed in Salt. Salt is used in VMware vRealize Operations Manager and RSA NetWitness. Exploiting the vulnerabilities allows an unauthenticated malicious person to execute arbitrary code with the permissions of the application. To do this, the malicious party must have...

CVSS 9.8, AI score 7.5, EPSS 0.99585
Exploits: 5

CNVD
added 2020/11/05 12:0 a.m., 2 views

Apple iOS and Apple iPadOS Data Forgery Issue Vulnerability

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in several Apple products, which can be exploited by an attacker to intercept...

CVSS 6.5, AI score 6.5, EPSS 0.00491
Exploits: 0, References: 1

BDU FSTEC
added 2020/11/05 12:0 a.m., 1 view

The vulnerability of the command-line interface of Telnet/Secure Shell (SSH) on the Cisco IOS XE operating system allows a malicious actor to execute commands with root privileges.

The vulnerability of the Telnet/Secure Shell (SSH) command-line interface of the Cisco IOS XE operating system is related to access control errors. Exploiting this vulnerability allows an attacker to execute commands with root privileges...

CVSS 6.8, AI score 7, EPSS 0.00313
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2020/10/28 6:15 p.m., 3 views

CVE-2020-16259

Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user...

CVSS 9.8, AI score 5.8, EPSS 0.0173
Exploits: 1, References: 2

OSV
added 2020/10/27 9:15 p.m., 2 views

CVE-2019-8901

This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be able to intercept SSH traffic from the “Run script over SSH” action...

CVSS 6.5, AI score 6.6, EPSS 0.00491
Exploits: 0, References: 1

CNVD
added 2020/10/22 12:0 a.m., 2 views

Oracle Solaris Utility Access Control Issue Vulnerability

Oracle Solaris is a UNIX operating system from Oracle. An Access Control Error vulnerability exists in Oracle Solaris Utility version 11, which can be exploited by an attacker with low privileges to compromise Oracle Solaris via SSH for network access...

CVSS 3, AI score 9, EPSS 0.00715
Exploits: 0, References: 1

OSV
added 2020/10/16 9:15 p.m., 1 view

CVE-2020-1683

On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). Prior to the kernel crash, other processes might be impacted, such as failure to establish an SSH connection to the device. The administrator can monitor the output of t...

CVSS 7.5, AI score 7, EPSS 0.0105
Exploits: 0, References: 1

RedHat Linux
added 2020/09/29 8:37 p.m., 4 views

cloud-init: default configuration disabled deletion of SSH host keys

The default cloud-init configuration included "ssh_deletekeys: 0", disabling cloud-init's deletion of SSH host keys. In some environments, this could lead to instances created by cloning a golden master or template system sharing SSH host keys, and being able to impersonate one another or conduct...

CVSS 7.1, AI score 6.7, EPSS 0.00354
Exploits: 0, References: 4

OSV
added 2020/09/24 6:15 p.m., 2 views

CVE-2020-3404

A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient...

CVSS 7.8, AI score 6.8
Exploits: 0, References: 1

OSV
added 2020/08/21 7:15 p.m., 1 view

CVE-2019-11862

The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying...

CVSS 8.4, AI score 7.3
Exploits: 0, References: 1

OSV
added 2020/08/21 3:15 p.m., 1 view

CVE-2020-24056

A hardcoded credentials vulnerability exists in Verint 5620PTZ VerintFW042, Verint 4320 V4320FW023, V4320FW031, and Verint S5120FD VerintFW042 units. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols...

CVSS 7.5, AI score 7.1, EPSS 0.01246
Exploits: 1, References: 2

OSV
added 2020/08/20 1:15 p.m., 3 views

CVE-2019-20150

In TreasuryXpress 19191105, a logged-in user can discover saved credentials, even though the UI hides them. Using functionality within the application and a malicious host, it is possible to force the application to expose saved SSH/SFTP credentials. This can be done by using the application's...

CVSS 6.5, AI score 6.6, EPSS 0.00914
Exploits: 1, References: 1

OSV
added 2020/08/12 9:15 p.m., 2 views

CVE-2020-16137

A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being...

CVSS 9.8, AI score 7.3, EPSS 0.19379
Exploits: 4, References: 3

RedHat Linux
added 2020/08/06 8:19 p.m., 3 views

golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic

A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server...

CVSS 7.5, AI score 7.2, EPSS 0.20891
Exploits: 6, References: 5

RedHat Linux
added 2020/08/05 10:14 a.m., 3 views

golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic

A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server...

CVSS 7.5, AI score 7.2, EPSS 0.20891
Exploits: 6, References: 5

OSV
added 2020/08/04 1:31 p.m., 3 views

USN-4447-1 libssh vulnerability

It was discovered that libssh incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...

CVSS 5.9, AI score 6.7, EPSS 0.04105
Exploits: 1, References: 2

CNVD
added 2020/07/31 12:0 a.m., 4 views

Grandstream HT800 series Encryption Problem Vulnerability

The Grandstream HT800 series is an HT800 series analog phone adapter from Grandstream. The Grandstream HT800 series is vulnerable to an encryption issue that originates from a backdoor in the SSH service. The vulnerability can be exploited by an attacker to obtain a root shell by correctly...

CVSS 9, AI score 7, EPSS 0.02726
Exploits: 1, References: 1