CVE-2023-40519

A cross-site scripting XSS vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575ee9195b0, 01.01.01.30097902fd999e76, and 00.12.01.95655881254b459 allows remote attackers to inject arbitrary web script or HTML v...

The vulnerability of the PuTTY encryption protection mechanism, related to the access to free memory cells, allows a hacker to cause a service failure.

The vulnerability of the PuTTY encryption method is related to the access to cells in the freed memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service disconnection using the SSH1MSGDISCONNECT message...

Broadpeak Centralized Accounts Management Auth Agent Cross-Site Scripting Vulnerability

Broadpeak Centralized Accounts Management Auth Agent is a centralized accounts management authentication agent application from Broadpeak France. A cross-site scripting vulnerability exists in Broadpeak Centralized Accounts Management Auth Agent versions 01.01.00.19219575ee9195b0,...

PT-2023-27497 · Broadpeak · Broadpeak Centralized Accounts Management Auth Agent

Name of the Vulnerable Software and Affected Versions: Broadpeak Centralized Accounts Management Auth Agent versions 00.12.01.9565588 1254b459, 01.01.00.19219575 ee9195b0, 01.01.01.30097902 fd999e76 Description: A cross-site scripting XSS issue in the bpk-common/auth/login/index.html login portal...

SUSE CVE-2019-17069

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1MSGDISCONNECT message...

In libssh2 v1.9.0 and earlier versions the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

...

libssh2 input validation error vulnerability (CNVD-2019-37882)

libssh2 is a client-side C library that implements the SSH2 protocol, which is capable of executing remote commands, file transfers, and providing a secure transmission channel for remote programs. An input validation error vulnerability exists in the SSHMSGDISCONNECT logic of the packet.c file i...

ALPINE-CVE-2019-17069

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1MSGDISCONNECT message...

DEBIAN-CVE-2019-17069

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1MSGDISCONNECT message...

UBUNTU-CVE-2019-17069

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1MSGDISCONNECT message...