Lucene search

2274 matches found

GithubExploit
added 2025/04/29 9:15 p.m. | 98 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang/Otp

Erlang-OTP-SSH-CVE-2025-32433 Exploit Erlang/OTP SSH CVE-202...

CVSS 10 | AI score 8.3 | EPSS 0.97673
Exploits 36
SUSE Linux
added 2025/04/29 11:14 a.m. | 4 views

Security update for elemental-toolkit

This update for elemental-toolkit fixes the following issues: Updated to version 2.1.3: Simplify podman calls in CI setup; Switched GHA runners to Ubuntu 24.04; Updated year in headers; Updated to go1.23, required by the new x/crypto module; CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs...

CVSS 8.2 | AI score 7.4 | EPSS 0.00868
Exploits 2 | References 8
BDU FSTEC
added 2025/04/28 12:0 a.m. | 19 views

The vulnerability of the SSH protocol implementation on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the SSH protocol implementation in OpenSSH servers for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to increase their privileges...

CVSS 7.8 | AI score 7.6 | EPSS 0.00555
Exploits 0 | References 2
BDU FSTEC
added 2025/04/24 12:0 a.m. | 6 views

The vulnerability of the SSH plugin of the JetBrains Toolbox, a set of development tools, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the SSH plugin in the JetBrains Toolbox suite is related to incorrect verification of the certificate’s authenticity. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected information...

CVSS 4.2 | AI score 5.5 | EPSS 0.00161
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2025/04/24 12:0 a.m. | 4 views

The vulnerability of the SSH plugin of the JetBrains Toolbox, a set of development tools, allows a hacker to execute arbitrary commands.

The vulnerability of the SSH plugin of the JetBrains Toolbox developer’s tools is related to the lack of measures taken at the control level for data cleaning. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS 8.3 | AI score 5.9 | EPSS 0.00663
Exploits 0 | References 2 | Affected Software 1
OSV
added 2025/04/23 11:35 a.m. | 3 views

USN-7443-2 erlang vulnerability

USN-7443-1 fixed a vulnerability in Erlang. This update provides the corresponding update for Ubuntu 25.04. Original advisory details: Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrectly handled authentication. A remote attacker coul...

CVSS 10 | AI score 7.4 | EPSS 0.97673
Exploits 36 | References 2
SUSE Linux
added 2025/04/22 9:29 a.m. | 2 views

Security update for erlang26

This update for erlang26 fixes the following issues: CVE-2025-30211: Fixed KEX init error results with excessive memory usage (bsc1240390); CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH (bsc1241300). Patch Instructions: To install this SUSE update use the SUSE recommende...

CVSS 10 | AI score 8.8 | EPSS 0.97673
Exploits 36 | References 8
Microsoft CVE
added 2025/04/22 7:0 a.m. | 5 views

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

...

CVSS 4.3 | AI score 6.4 | EPSS 0.00149
Exploits 0
NCSC
added 2025/04/18 5:33 a.m. | 4 views

Vulnerability fixed in Erlang/OTP SSH server

Erlang/OTP developers have fixed a vulnerability in Erlang OTP. The vulnerability is located in the SSH functionality of affected versions of Erlang/OTP. The vulnerability allows an unauthenticated remote malicious person to execute arbitrary code in the context of the SSH daemon by sending prepared...

CVSS 10 | AI score 8.6 | EPSS 0.97673
Exploits 36 | References 1
ATTACKERKB
added 2025/04/17 4:15 p.m. | 2 views

CVE-2025-43012

In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...

CVSS 9.8 | AI score 5.8 | EPSS 0.00663
Exploits 0 | References 2
OSV
added 2025/04/17 4:15 p.m. | 4 views

CVE-2025-43013

In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible...

CVSS 7.5 | AI score 5.8 | EPSS 0.00134
Exploits 0 | References 1
OSV
added 2025/04/17 4:15 p.m. | 3 views

CVE-2025-43012

In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...

CVSS 9.8 | AI score 5.8 | EPSS 0.00663
Exploits 0 | References 1
OSV
added 2025/04/17 2:4 p.m. | 5 views

USN-7443-1 erlang vulnerability

Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrectly handled authentication. A remote attacker could use this issue to execute arbitrary commands without authentication, possibly leading to a system compromise...

CVSS 10 | AI score 7.4 | EPSS 0.97673
Exploits 36 | References 2
SUSE CVE
added 2025/04/17 1:32 a.m. | 3 views

SUSE CVE-2025-32433

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...

CVSS 9.8 | AI score 9 | EPSS 0.97673
Exploits 36 | References 5
CNNVD
added 2025/04/17 12:0 a.m. | 3 views

JetBrains Toolbox App security vulnerability

JetBrains Toolbox App is an application for managing JetBrains development tools that helps users install, update and manage multiple JetBrains development tools. A security vulnerability exists in JetBrains Toolbox App that stems from unencrypted transmission of credentials during SSH...

CVSS 7.5 | AI score 6.5 | EPSS 0.00134
Exploits 0 | References 1
CNNVD
added 2025/04/17 12:0 a.m. | 4 views

JetBrains Toolbox command injection vulnerability

JetBrains Toolbox App is an application for managing JetBrains development tools, providing installation, update, and management capabilities. JetBrains Toolbox App suffers from a command injection vulnerability that stems from the SSH plugin handling input improperly. An attacker could exploit t...

CVSS 9.8 | AI score 8.3 | EPSS 0.00663
Exploits 0 | References 1
OSV
added 2025/04/16 10:15 p.m. | 3 views

DEBIAN-CVE-2025-32433

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...

CVSS 10 | AI score 9.2 | EPSS 0.97673
Exploits 36 | References 1
OSV
added 2025/04/16 10:15 p.m. | 6 views

AZL-60441 CVE-2025-32433 affecting package erlang for versions less than 26.2.5.11-1

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...

CVSS 10 | AI score 6.7 | EPSS 0.97673
Exploits 36 | References 1
OSV
added 2025/04/16 12:0 a.m. | 2 views

UBUNTU-CVE-2025-32433

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...

CVSS 10 | AI score 7.8 | EPSS 0.97673
Exploits 36 | References 7
CNNVD
added 2025/04/16 12:0 a.m. | 4 views

Erlang/OTP access control error vulnerability

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. An access control error vulnerability exists in Erlang/OTP versions prior to 27.3.3, which stems from an SSH protocol message...

CVSS 10 | AI score 8.4 | EPSS 0.97673
Exploits 36 | References 6