Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/01/06 12:58 p.m.7 views

Malicious code in ethos2.0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a012a962472733bf307c16dd1dfe1806727190273d53ac57bf4b524a26d34c96 The package ethos2.0 was found to contain malicious code. Source: ghsa-malware b646ddc4b3047452eaaf5304b21effbc2f0dd9800fd136ebfb4d33936f3bd8e6 Any...

6.9AI score
Exploits0References1
EUVD
EUVDadded 2026/01/06 12:58 p.m.3 views

EUVD-2026-1124

Malicious code in ethos2.0 npm...

6.6AI score
Exploits0References1
Talos Blog
Talos Blogadded 2025/11/18 11:0 a.m.6 views

Bill Largent: On epic reads, lifelong learning, and empathy

Welcome to another episode of Humans of Talos! This week, Amy sits down with William Bill Largent from the Strategic Planning and Communications team. Bill's role as Senior Security Researcher spans from threat research to communicating Talos's critical work to internal teams, partners, and...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/14 6:52 p.m.2 views

Malicious code in test-mlw2-ethos-capas (npm)

The package test-mlw2-ethos-capas was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/14 6:52 p.m.2 views

Malicious code in test-mlw2-prams-ethos-samel-kofta (npm)

The package test-mlw2-prams-ethos-samel-kofta was found to contain malicious code...

7AI score
Exploits0
OSV
OSVadded 2025/08/14 6:52 p.m.1 views

MAL-2025-35293 Malicious code in test-mlw2-ethos-capas (npm)

The package test-mlw2-ethos-capas was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSVadded 2025/08/14 6:52 p.m.3 views

MAL-2025-36026 Malicious code in test-mlw2-prams-ethos-samel-kofta (npm)

The package test-mlw2-prams-ethos-samel-kofta was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 3:18 a.m.2 views

CVE-2023-2822

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

6.1CVSS5.8AI score0.03301EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:10 a.m.6 views

CVE-2019-19755

ethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: as of 2019-12-01, the vendor indicated that they plan to fix this...

9.1CVSS6.9AI score0.00429EPSS
Exploits0References1
NVD
NVDadded 2024/04/30 6:15 p.m.11 views

CVE-2019-19755

ethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: as of 2019-12-01, the vendor indicated that they plan to fix this...

9.1CVSS6.5AI score0.00429EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/04/30 12:0 a.m.10 views

CVE-2019-19755

ethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: as of 2019-12-01, the vendor indicated that they plan to fix this...

9.2AI score0.00429EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/04/30 12:0 a.m.14 views

CVE-2019-19755

ethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: as of 2019-12-01, the vendor indicated that they plan to fix this...

6.5AI score0.00429EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/04/30 12:0 a.m.3 views

PT-2024-10729 · Ethos · Ethos

Name of the Vulnerable Software and Affected Versions: ethOS versions 1.3.3 and earlier Description: The issue allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io, as the software ships with SSH host keys baked into the installation image. The...

9.1CVSS7.1AI score0.00429EPSS
Exploits0References6
CNNVD
CNNVDadded 2024/04/30 12:0 a.m.2 views

ethOS 安全漏洞

ethOS is an application from ethOS, Inc. A security vulnerability exists in ethOS version 1.3.3 and prior versions, which stems from allowing man-in-the-middle attacks...

9.1CVSS6.8AI score0.00429EPSS
Exploits0References3
CVE
CVEadded 2024/04/30 12:0 a.m.36 views

CVE-2019-19755

ethOS 1.3.3 and earlier ships with SSH host keys baked into the installation image, enabling MITM attacks and exposing all public IPv4 nodes (e.g., via Shodan). The issue is described consistently across CVE records and Red Hat/NVD/CVE listings. The vendor noted plans to fix this as of 2019-12-01...

9.1CVSS6.8AI score0.00429EPSS
Exploits0References2
OSV
OSVadded 2023/05/20 7:15 a.m.1 views

CVE-2023-2822

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

6.1CVSS3.7AI score0.03301EPSS
Exploits1References4
NVD
NVDadded 2023/05/20 7:15 a.m.28 views

CVE-2023-2822

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

6.1CVSS5.1AI score0.03301EPSS
Exploits1References4
Prion
Prionadded 2023/05/20 7:15 a.m.19 views

Cross site scripting

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

5CVSS6AI score0.03301EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2023/05/20 7:0 a.m.5 views

CVE-2023-2822 Ellucian Ethos Identity logout cross site scripting

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

5CVSS6AI score0.03301EPSS
Exploits1References4
Cvelist
Cvelistadded 2023/05/20 7:0 a.m.25 views

CVE-2023-2822 Ellucian Ethos Identity logout cross site scripting

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

5CVSS6.2AI score0.03301EPSS
Exploits1References4
Rows per page
Query Builder