309 matches found
EulerOS Virtualization 2.10.1 : libssh2 (EulerOS-SA-2024-1548)
According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacke...
ROS-20240412-02
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
Predictable TCP ISNs in EDK II Network Package
...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
EulerOS Virtualization 2.9.0 : libssh2 (EulerOS-SA-2024-1470)
According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacke...
EulerOS Virtualization 2.9.0 : openssh (EulerOS-SA-2024-1475)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
Oracle Linux 7 : openssh (ELSA-2024-12233)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12233 advisory. 7.4p1-23.0.3fips - Change Epoch from 1 to 10 - Enable fips KDF POST Orabug: 32461750 - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method Orabug:...
Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1345)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1343)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : proftpd (EulerOS-SA-2024-1323)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
EulerOS 2.0 SP11 : libssh2 (EulerOS-SA-2024-1239)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
EulerOS 2.0 SP11 : libssh2 (EulerOS-SA-2024-1217)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
PT-2024-12411 · Wlan Host +1 · Wlan Host +1
Name of the Vulnerable Software and Affected Versions: WLAN Host and Firmware affected versions not specified Description: The issue is related to a transient Denial of Service DOS in WLAN Host and Firmware. This occurs when a large number of open authentication frames are sent with an invalid...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service in the WLAN host and firmware when a large number of open authentication frames with invalid transaction sequence numbers are sent...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
Denial Of Service (DoS)
github.com/cosmos/cosmos-sdk is vulnerable to Denial Of Service. The vulnerability is due to the handling of non-sequential sequence numbers by the default PrepareProposalHandler and SenderNonceMempool, potentially allowing invalid blocks to be proposed under certain conditions...
CVE-2023-51440
A vulnerability has been identified in SIMATIC CP 343-1 6GK7343-1EX30-0XE0 All versions, SIMATIC CP 343-1 Lean 6GK7343-1CX10-0XE0 All versions, SIPLUS NET CP 343-1 6AG1343-1EX30-7XE0 All versions, SIPLUS NET CP 343-1 Lean 6AG1343-1CX10-2XE0 All versions. Affected products incorrectly validate TCP...