2268 matches found
EUVD-2025-31637
Malicious code in bioql PyPI...
EUVD-2025-25789
Malicious code in bioql PyPI...
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands
...
SSH Communications Security SSH Tectia Server 安全漏洞
SSH Communications Security SSH Tectia Server is a remote login server software from SSH Communications Security, Finland. A security vulnerability exists in SSH Communications Security SSH Tectia Server versions prior to 6.6.6, which stems from a vulnerability that could allow an attacker to rea...
CVE-2025-32942
SSH Tectia Server before 6.6.6 sometimes allows attackers to read and alter a user's session traffic...
CVE-2025-34217
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments contain an undocumented 'printerlogic' user with a hardcoded SSH public key in '/.ssh/authorizedkeys' and a sudoers rule granting the printerlogicssh group 'NOPASSWD: ALL'. Possession of the matching...
Arbitrary File Creation
github.com/charmbracelet/soft-serve is vulnerable to Arbitrary file creation. The vulnerability is due to uncontrolled data being written through its SSH API, which allows an attacker to create or override arbitrary files...
CVE-2025-34207
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...
CVE-2025-34207
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...
CVE-2025-34207
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...
CVE-2025-34207 Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...
CVE-2025-34207 Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...
GE Multilin UR Family Inadequate Encryption Strength (CVE-2013-2566)
Prior to UR firmware Version 8.1x, UR supported various encryption and MAC algorithms for SSH communication, some of which are weak. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
GE Multilin UR Family Inadequate Encryption Strength (CVE-2016-2183)
Prior to UR firmware Version 8.1x, UR supported various encryption and MAC algorithms for SSH communication, some of which are weak. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Vasion Print Virtual Appliance Host 访问控制错误漏洞
Vasion Print Virtual Appliance Host is a print management software from Vasion USA. An access control error vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 22.0.1049, which stems from a misconfigured SSH client and could allow an attacker to capture forwarded private...
PT-2025-39878
Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.1049 Vasion Print Application versions prior to 20.0.2786 Description The Vasion Print Virtual Appliance Host and Application are configured with insecure SSH client settings within Docker instances...
Do Not Preset authorized_keys for the SSH Service
authorizedkeys specifies the public key of the remote host. You can store the public key in the $HOME/.ssh/authorizedkeys file in the home directory for public key authentication. Then you can directly log in to the system. If authorizedkeys is preset in the system and public and private key...
Do Not Use X11 Forwarding
The X11 forwarding function of SSH allows the GUI program of the remote host to be executed on the local host. If the X11 forwarding function is enabled, the attack surface is expanded and other users on the X11 server may attack the local host. If the function is not required in the service...
Do Not Preset known_hosts for the SSH Service
knownhosts stores the public keys of the computers that the host has accessed. After a user successfully logs in to another computer, the public key information is automatically saved in $HOME/.ssh/knownhosts. When the same computer is accessed next time, its public key is verified. If the...
Do Not Configure Deprecated Options for the SSH Service
Currently, the SSH service communication protocols are classified into the first generation and the second generation. The configuration options of the SSH service of different versions are incompatible. In addition, the configuration options of some earlier versions are deprecated in the new...