
2247 matches found

NVD
added 2026/04/13 10:16 p.m., 3 views

CVE-2026-22564

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier; UniFi Play Audio Port Version 1.0.24 and earlier. Mitigation:...

CVSS: 9.8, EPSS: 0.0042
Exploits: 0, References: 1
OSV
added 2026/04/13 2:11 p.m., 0 views

SUSE-SU-2026:21106-1 Security update for cockpit

This update for cockpit fixes the following issues: Changes in cockpit: - CVE-2026-4631: Avoid ssh command injection that could be used to cause remote code execution bsc1261829...

CVSS: 9.8, AI score: 6.4, EPSS: 0.13889
Exploits: 3, References: 3
Positive Technologies
added 2026/04/13 12:0 a.m., 11 views

PT-2026-32535

Name of the Vulnerable Software and Affected Versions: UniFi Play PowerAmp versions prior to 1.0.38; UniFi Play Audio Port versions prior to 1.1.9. Description: Improper Access Control in the UniFi Play network allows a malicious actor with network access to enable SSH, which can lead to unauthorized...

CVSS: 9.8, AI score: 5.8, EPSS: 0.0042
Exploits: 0, References: 7
GithubExploit
added 2026/04/11 10:40 p.m., 236 views

Exploit for Path Traversal in Gogs

Gogs RCE Exploit CVE-2025-8110...

CVSS: 8.8, AI score: 6, EPSS: 0.7694
Exploits: 14
OSV
added 2026/04/11 10:6 a.m., 1 views

RHSA-2026:7383 Red Hat Security Advisory: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Bulletin has no description...

CVSS: 9.8, AI score: 5.7, EPSS: 0.13889
Exploits: 3, References: 7
OSV
added 2026/04/11 10:6 a.m., 3 views

RHSA-2026:7382 Red Hat Security Advisory: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Bulletin has no description...

CVSS: 9.8, AI score: 5.7, EPSS: 0.13889
Exploits: 3, References: 7
OSV
added 2026/04/11 10:6 a.m., 3 views

RHSA-2026:7381 Red Hat Security Advisory: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Bulletin has no description...

CVSS: 9.8, AI score: 5.7, EPSS: 0.13889
Exploits: 3, References: 7
SUSE CVE
added 2026/04/11 9:26 a.m., 2 views

SUSE CVE-2026-4631

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

CVSS: 9.8, AI score: 6.2, EPSS: 0.13889
Exploits: 3, References: 7
Github Security Blog
added 2026/04/10 8:58 p.m., 6 views

phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals()

phpseclib SSH2: Variable-time comparison in HMAC verification. Summary: phpseclib\Net\SSH2::get_binary_packet uses PHP's != operator to compare a received SSH packet HMAC against the locally computed HMAC. != on equal-length binary strings in PHP uses memcmp, which short-circuits on the first differi...

CVSS: 3.7, AI score: 5.9, EPSS: 0.00334
Exploits: 0, References: 7, Affected Software: 1
RedHat Linux
added 2026/04/10 3:11 p.m., 7 views

Critical: Red Hat Security Advisory: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

An update for cockpit is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS: 9.8, AI score: 5.8, EPSS: 0.13889
Exploits: 3, References: 1
RedHat Linux
added 2026/04/10 3:7 p.m., 13 views

cockpit: Cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

CVSS: 9.8, AI score: 6.2, EPSS: 0.13889
Exploits: 3, References: 4
RedHat Linux
added 2026/04/10 2:30 p.m., 9 views

Critical: Red Hat Security Advisory: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

An update for cockpit is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS: 9.8, AI score: 5.8, EPSS: 0.13889
Exploits: 3, References: 1
RedHat Linux
added 2026/04/10 2:30 p.m., 3 views

cockpit: Cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

CVSS: 9.8, AI score: 6.2, EPSS: 0.13889
Exploits: 3, References: 4
RedHat Linux
added 2026/04/10 2:23 p.m., 5 views

cockpit: Cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

CVSS: 9.8, AI score: 6.2, EPSS: 0.13889
Exploits: 3, References: 4
Tenable Nessus
added 2026/04/10 12:0 a.m., 1 views

RHEL 10 : cockpit: Unauthenticated remote code execution due to SSH command-line argument injection (Critical) (RHSA-2026:7381)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7381 advisory. Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports,...

CVSS: 9.8, AI score: 5.9, EPSS: 0.13889
Exploits: 3, References: 4
OSV
added 2026/04/10 12:0 a.m., 4 views

ALSA-2026:7383 Critical: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: ws: be more explicit when handling hostnames on cli...

CVSS: 9.8, AI score: 5.7, EPSS: 0.13889
Exploits: 3, References: 3
OSV
added 2026/04/10 12:0 a.m., 3 views

ALSA-2026:7384 Critical: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: ws: be more explicit when handling hostnames on cli...

CVSS: 9.8, AI score: 5.8, EPSS: 0.13889
Exploits: 3, References: 3
AlmaLinux
added 2026/04/10 12:0 a.m., 4 views

Critical: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: ws: be more explicit when handling hostnames on cli...

CVSS: 9.8, AI score: 5.8, EPSS: 0.13889
Exploits: 3, References: 3
OSV
added 2026/04/09 9:32 p.m., 3 views

JLSEC-2026-67

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

CVSS: 9.8, AI score: 7.1, EPSS: 0.02138
Exploits: 0, References: 11
Vulnrichment
added 2026/04/09 9:32 p.m., 5 views

CVE-2025-13914 Apstra: SSH host key validation vulnerability for managed devices

A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows an unauthenticated, MITM attacker to impersonate managed devices. Due to insufficient SSH host key validation, an attacker can perform a machine-in-the-middle attack on the SSH...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00281
Exploits: 0, References: 1