Important: amazon-ssm-agent

Issue Overview: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. CVE-2025-22869 Affected Packages:...

The vulnerability of the SSH server in the Golang programming language, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the SSH server in the Golang programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Huawei多款产品 安全漏洞

Huaweiu202fEG8141A5 and others are a routed fiber access device from Huawei China. A security vulnerability exists in various Huawei products, which stems from the ability of an Epuser account to disable the ONT firewall feature, which may result in the removal of the default SSH and TELNET TCP...

CVE-2025-20163

A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller NDFC could allow an unauthenticated, remote attacker to impersonate Cisco NDFC-managed devices. This vulnerability is due to insufficient SSH host key validation. An attacker could exploit this vulnerability by...

Cisco Integrated Management Controller 安全漏洞

Cisco Integrated Management Controller IMC is a suite of software from Cisco USA for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and allows operations such as powering up, shutting down, and rebooting servers. A security vulnerability exists in...

SUSE-SU-2025:20360-1 Security update for docker

This update for docker fixes the following issues: Update to docker-buildx v0.22.0: - CVE-2025-0495: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239765. - CVE-2025-22868: golang.org/x/oauth2/jws:...

OESA-2025-1553 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

OESA-2025-1552 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

CVE-2024-21988

StorageGRID formerly StorageGRID Webscale versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation...

CVE-2023-25189

BTS is affected by information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of the access privileges, having a possibility to read BTS service operation details performed by Nokia Care service personnel via SSH...

CVE-2023-0345

The Akuvox E11 secure shell SSH server is enabled by default and can be accessed by the root user. This password cannot be changed by the user...

Intellian Iridium Certus 700 信任管理问题漏洞

Intellian Iridium Certus 700 is a marine satellite Internet system from Intellian Corporation in South Korea. A trust management issue vulnerability exists in Intellian Iridium Certus 700 version 1.0.1, which stems from an embedded credentials vulnerability that could lead to the retrieval of SSH...

The vulnerability of the SSH-server software solution for monitoring the status of B&R APROL industrial systems allows a intruder to execute arbitrary commands.

The vulnerability of the SSH-server software solution for monitoring the status of B&R APROL industrial systems is related to the inclusion of functions from an unreliable and uncontrolled area. Exploiting this vulnerability could allow a perpetrator to execute arbitrary commands...

The vulnerability of the SSH-server software solution for monitoring the status of B&R APROL industrial systems allows a intruder to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SSH-server software solution for monitoring the status of B&R APROL industrial systems is related to incomplete filtering of specific elements. Exploiting this vulnerability could allow an intruder to compromise the confidentiality, integrity, and accessibility of the...

CVE-2022-38133

In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases...

CVE-2022-36909

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system ...

CVE-2021-28912

BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key passphrase known as 'eibPort string'. This is usable and the final part of an attack chain to gain SSH root access...

CVE-2021-27450

SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E all firmware versions prior to v04A00.1...

CVE-2020-11939

In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concathashstring in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI...

CVE-2020-0757

An elevation of privilege vulnerability exists when Windows improperly handles Secure Socket Shell remote commands, aka 'Windows SSH Elevation of Privilege Vulnerability'...