CVE-2025-68269

In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH...

CVE-2025-68269

In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH...

UBUNTU-CVE-2025-68320

In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix sleeping in atomic context The following warning was seen when we try to connect using ssh to the device. BUG: sleeping function called from invalid context at kernel/locking/mutex.c:575 inatomic: 1, irqsdisabled: 0,...

CVE-2025-68269

In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH...

CVE-2025-68269

In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH...

CVE-2025-68269

JetBrains IntelliJ IDEA is affected when running versions prior to 2025.3, where a missing confirmation allows opening untrusted remote projects over SSH, constituting a remote project trust bypass vulnerability (CVE-2025-68269). The issue is described as a vulnerability in the IDE’s handling of ...

EUVD-2025-203761

In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH...

JetBrains IntelliJ IDEA 安全漏洞

JetBrains IntelliJ IDEA is a set of integrated development environments for the Java language from the Czech company JetBrains. A security vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2025.3, which stems from a missing validation step that could result in opening an untrusted...

PT-2025-51720

In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH...

mcp-exploit-demo-master

!Imagehttps://github.com/user-attachments/assets/2180e098-091...

CVE-2025-66406

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2025-2523)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-50557

Name of the Vulnerable Software and Affected Versions Cybersecurity AI CAI versions 0.5.9 and below Description Cybersecurity AI CAI is an open-source framework for building and deploying AI-powered offensive and defensive automation. The run ssh command with credentials function is susceptible t...

Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool

Summary A command injection vulnerability is present in the function tool runsshcommandwithcredentials available to AI agents. Details This is the source code of the function tool runsshcommandwithcredentials code: python @functiontool def runsshcommandwithcredentials host: str, username: str,...

CVE-2025-8148

An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0 allows Web Users with an Authentication Alias and a valid SSH key but limited to Password authentication for SFTP to still login using their SSH key...

CVE-2025-41693

A low privileged remote attacker can use the ssh feature to execute commands directly after login. The process stays open and uses resources which leads to a reduced performance of the management functions. Switching functionality is not affected...

CVE-2025-27020

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...

CVE-2025-41693 Authenticated Denial-of-Service via SSH

A low privileged remote attacker can use the ssh feature to execute commands directly after login. The process stays open and uses resources which leads to a reduced performance of the management functions. Switching functionality is not affected...

CVE-2025-41693 Authenticated Denial-of-Service via SSH

A low privileged remote attacker can use the ssh feature to execute commands directly after login. The process stays open and uses resources which leads to a reduced performance of the management functions. Switching functionality is not affected...

CVE-2025-41693

CVE-2025-41693 affects PHOENIX CONTACT FL SWITCH (industrial Ethernet switch). Technical details across sources indicate the SSH feature can be abused by a low-privileged remote attacker to execute commands after login. The vulnerability leads to a persistent process that consumes resources and d...