The vulnerability of the ObscureKeystrokeTiming() function in the SSH client of the OpenSSH cryptographic security tool allows a intruder to gain unauthorized access to protected information.

The vulnerability of the ObscureKeystrokeTiming function in the SSH client of the OpenSSH cryptographic security tool is related to synchronization errors when using a shared resource “Race Conditions”. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized...

USN-7051-1 python-asyncssh vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

The vulnerability of the microprogramming software of the Infinera hiT 7300 platform, which is related to the use of rigidly encrypted account data, allows attackers to enhance their privileges.

The vulnerability of the microprogramming software used in the Infinera hiT 7300 optical communication platform is related to the use of rigidly encrypted account data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to enhance their privileges by gaining access t...

CVE-2024-28813

An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface...

Infinera hiT 7300 安全漏洞

The Infinera hiT 7300 is a software-defined networking SDN-ready coherent packet-optical transport system from Infinera USA. A security vulnerability exists in the Infinera hiT 7300 version 5.60.50 that stems from a hidden SSH service with hard-coded credentials that allows an attacker to access...

PLANET switch devices 安全漏洞

PLANET switch devices are a series of switch devices from PLANET China. A security vulnerability exists in PLANET switch devices, which arises from the SSH service mishandling connection requests that are not adequately authenticated, allowing unauthorized remote attackers to exploit this weaknes...

The vulnerability in the implementation of the SSH server of the Cisco Catalyst Center (formerly Cisco DNA Center) allows a attacker to execute a spoofing attack.

The vulnerability of the SSH-server implementation in the Cisco Catalyst Center formerly Cisco DNA Center network infrastructure management system is related to the use of cryptographic algorithms for encryption with a hard-programmed key. Exploiting this vulnerability could allow a malicious act...

HashiCorp Vault Enterprise和HashiCorp Vault Community Edition 安全漏洞

HashiCorp Vault Enterprise and HashiCorp Vault Community Edition are both products of HashiCorp, Inc. of the U.S.A. HashiCorp Vault Enterprise is an enterprise information archiving platform.HashiCorp Vault HashiCorp Vault Enterprise is an enterprise information archiving platform, and HashiCorp...

PT-2024-12050 · Nokia · Bts

Name of the Vulnerable Software and Affected Versions: BTS affected versions not specified Description: The issue concerns an information disclosure vulnerability. Mobile network operator personnel connected over BTS Web Element Manager can read BTS service operation details performed by Nokia Ca...

CVE-2020-11847

SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1...

Russh 安全漏洞

Russh is a Rust SSH client and server-side library from the individual developers at Eugene. A security vulnerability exists in Russh that stems from allocating an untrusted amount of memory...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from a signal handler in sshd8 that may call non-asynchronous signal-safe logging functions, leading to a race condition that can be exploited by an attacker to execu...

PT-2024-8964 · Brocade · Brocade Fabric Os

Name of the Vulnerable Software and Affected Versions: Brocade Fabric OS versions prior to 9.2.2 Description: The issue is related to weaknesses in the authentication procedure of Brocade Fabric OS, allowing a remote attacker to hijack a service session. This could be achieved through...

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 allows a attacker to execute arbitrary operating system commands with root privileges.

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the use of pre-installed credentials due to incorrect processing of the MAC address sequence. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating syste...

CVE-2024-31970

AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...

AdTran SRG 834-5 HDC17600021F1 操作系统命令注入漏洞

The AdTran SRG 834-5 HDC17600021F1 is a Gigabit Ethernet gateway from Adtran USA. An operating system command injection vulnerability exists in AdTran SRG 834-5 HDC17600021F1 SmartOS version 11.1.1.1, which can be exploited to execute arbitrary operating system commands with root privileges by...

AdTran SRG 834-5 HDC17600021F1 安全漏洞

The AdTran SRG 834-5 HDC17600021F1 is a Gigabit Ethernet gateway from Adtran USA. A security vulnerability exists in the AdTran SRG 834-5 HDC17600021F1 SmartOS version 11.1.1.1, which stems from the device having SSH enabled by default, which allows an attacker to gain unauthorized root access by...

CVE-2021-43565

...

CVE-2024-39562

A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon sshd instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service DoS by blocking SSH access for legitimate...

Juniper Networks Junos OS Evolved Security Vulnerability

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS system. A security vulnerability exists in Juniper Networks Junos OS Evolved that originated from allowing an attacker to cause a denial of service DoS by blocking SSH access to a legitimate user...