CVE-2025-20265

A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input...

CVE-2012-10060

Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...

CVE-2025-20265

A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input...

CVE-2012-10060

Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...

CVE-2012-10060 Sysax Multi Server < 5.55 SSH Username Buffer Overflow

Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...

CVE-2012-10060

Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...

CVE-2012-10060 Sysax Multi Server < 5.55 SSH Username Buffer Overflow

Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code...

CVE-2025-43982

Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI...

PT-2025-33095

Name of the Vulnerable Software and Affected Versions: Sysax Multi Server versions prior to 5.55 Description: Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker provides an overly long username during authentication, the serv...

CVE-2025-43982

CVE-2025-43982 affects Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLIC devices (v3.4.2731.16.43). The underlying issue: SSH service is enabled by default and a hard-coded root account cannot be disabled via the GUI. Impact is described as high for confidentiality, integrity, and availability with net...

CVE-2025-43982

Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI...

CVE-2025-43982

Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI...

Codeorigin Sysax Multi Server 安全漏洞

Codeorigin Sysax Multi Server is an FTP File Transfer Protocol server and Shell server for Windows from Codeorigin USA. A security vulnerability exists in Codeorigin Sysax Multi Server versions prior to 5.55, which stems from a stack buffer overflow in the SSH service's handling of usernames, whi...

Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks

New research has uncovered Docker images on Docker Hub that contain the infamous XZ Utils backdoor, more than a year after the discovery of the incident. More troubling is the fact that other images have been built on top of these infected base images, effectively propagating the infection furthe...

Fedora: Security Advisory (FEDORA-2025-81d05a9171)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : toolbox (2025-e41c694c83)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e41c694c83 advisory. Security fixes Bumped the minimum github.com/go-viper/mapstructure/v2 version to 2.3.0 for GHSA-fv92-fjc5-jj9h or GO-2025-3787 Bumped the minimum...

Jenkins ssh-slave Docker Image SSH Host Key Reuse

According to their self-reported version numbers, the jenkins/ssh-slave docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-slave Docker images, SSH host keys are generated on image creation for images based on Debian, causing all...

Jenkins ssh-agent Docker Image < 6.11.2 SSH Host Key Reuse

According to their self-reported version numbers, the jenkins/ssh-agent docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on...

Linux Distros Unpatched Vulnerability : CVE-2022-46343

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been...

Fedora: Security Advisory (FEDORA-2025-04158e05ef)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...