Lucene search

23 matches found

EUVD
added 6 days ago · 11 views

EUVD-2026-33445

A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with an Extreme Platform ONE /IAM-issued API key to receive response data for another tenant. The issu...

CVSS 6.3 · AI score 5.8 · EPSS 0.00051
Exploits: 0 · References: 2

SUSE CVE
added 2026/05/29 1:24 a.m. · 9 views

SUSE CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

CVSS 7.5 · AI score 5.7 · EPSS 0.00094
Exploits: 0 · References: 3

OSV
added 2026/05/07 3:2 a.m. · 0 views

GHSA-VWX9-7QCF-GG7F ShellHub has cross-tenant IDOR in `GET /api/namespaces/:tenant` via API Key bypasses membership check

Summary GET /api/namespaces/:tenant returns the full namespace object — including the members list user IDs, e-mails, roles, settings, and device counts — to any caller authenticated by an API Key, for any tenant, regardless of the API Key's own tenant scope. The handler conditionally skips the...

CVSS 6.5 · AI score 5.8 · EPSS 0.00038
Exploits: 1 · References: 3

Positive Technologies
added 2026/05/07 12:0 a.m. · 3 views

PT-2026-38405

Name of the Vulnerable Software and Affected Versions ShellHub versions prior to 0.24.2 Description An issue exists where the endpoint "/api/namespaces/:tenant" returns the complete namespace object to any caller authenticated via an API Key, regardless of the API Key's tenant scope. This object...

CVSS 6.5 · AI score 5.8 · EPSS 0.00038
Exploits: 1 · References: 6

Positive Technologies
added 2026/03/04 12:0 a.m. · 2 views

PT-2026-22970

A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to log in to a Cisco Secure Firewall ASA device and execute commands as a specific...

CVSS 5.3 · AI score 6.1 · EPSS 0.00045
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2009-3092

Malware in sbrugna...

CVSS 9.3 · AI score 6.4 · EPSS 0.00383
Exploits: 0 · References: 5

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2007-5808

Malware in sbrugna...

CVSS 7.2 · AI score 6.4 · EPSS 0.00157
Exploits: 0 · References: 9

RedhatCVE
added 2025/05/09 10:20 p.m. · 9 views

CVE-2025-36546

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH...

CVSS 9.2 · AI score 7.1 · EPSS 0.00258
Exploits: 0 · References: 3

NVD
added 2025/05/07 10:15 p.m. · 8 views

CVE-2025-36546

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH...

CVSS 9.2 · EPSS 0.00258
Exploits: 0 · References: 1

Cvelist
added 2025/05/07 10:4 p.m. · 12 views

CVE-2025-36546 F5OS Appliance Mode vulnerability

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH...

CVSS 9.2 · EPSS 0.00258
Exploits: 0 · References: 1

F5 Networks
added 2025/05/07 1:12 p.m. · 8 views

K000140574: F5OS Appliance Mode vulnerability CVE-2025-36546

Security Advisory Description On an F5OS system, if the root user configures the system to allow login using SSH key-based authentication and later enables appliance mode, the system still allows access using SSH key-based authentication. For an attacker to exploit this vulnerability they must...

CVSS 9.2 · AI score 7.1 · EPSS 0.00258
Exploits: 0 · Affected Software: 2

SUSE Linux
added 2025/04/22 2:8 p.m. · 1 views

Security update for iperf

This update for iperf fixes the following issues: Update to 3.18 bsc1234705, CVE-2024-53580: SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. CVE-2024-53580 This has now been fixed. PR1810 UDP packets...

CVSS 6.8 · AI score 7.3 · EPSS 0.00197
Exploits: 1 · References: 4

GithubExploit
added 2024/08/20 9:57 a.m. · 1342 views

Exploit for Race Condition in Openbsd Openssh

CVE-2024-6387 OpenSSH Vulnerability Mitigation Script Over...

CVSS 9.3 · AI score 8.9 · EPSS 0.63835
Exploits: 68

Positive Technologies
added 2023/04/19 12:0 a.m. · 4 views

PT-2023-2547 · Cisco · Cisco Staros

Name of the Vulnerable Software and Affected Versions: Cisco StarOS Software affected versions not specified Description: The issue arises from insufficient validation of user-supplied credentials in the key-based SSH authentication feature. This could allow a remote attacker to elevate privilege...

CVSS 9 · AI score 8.7 · EPSS 0.00334
Exploits: 0 · References: 4

Pen Test Partners Blog
added 2019/07/01 7:1 a.m. · 60 views

Ninja Turtles in your network: LAN Turtle 3G. A how-to for red teaming

Introduction This post will detail how to configure and utilise a LAN turtle 3G from Hak 5 to gain a persistent, remotely accessible presence within a network. With ethernet ports becoming less common on new hardware, many people have been forced into deploying an array of various dongles and...

AI score 7.4
Exploits: 0

Information Security Automation
added 2017/09/05 8:34 p.m. · 124 views

SSH, SFTP, public key authentication and python

SFTP is a simple and fairly reliable way to share the information within the organization. Let's look at the situation when you need to pick up some files from a remote host with authorization by public key. And after that, let's see how to use it with in python. Moreover, let's see how to work...

AI score 7.4
Exploits: 0

OpenVAS
added 2016/12/28 12:0 a.m. · 54 views

VMware vSphere Data Protection (VDP) updates address SSH Key-Based authentication issue (VMSA-2016-0024, dpnid) - Active Check

VMware vSphere Data Protection VDP updates address SSH key-based authentication issue. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 10 · AI score 8.6 · EPSS 0.82117
Exploits: 3 · References: 1

VMware
added 2016/12/20 12:0 a.m. · 39 views

vSphere Data Protection (VDP) update addresses SSH key-based authentication issue

VDP SSH key-based authentication issue VDP contains a private SSH key with a known password that is configured to allow key-based authentication. Exploitation of this issue may allow an unauthorized remote attacker to log into the appliance with root privileges. VMware would like to thank Marc...

CVSS 10 · AI score 3.2 · EPSS 0.82117
Exploits: 3 · References: 1 · Affected Software: 1

VMware
added 2016/12/18 12:0 a.m. · 433 views

VMSA-2016-0024:vSphere Data Protection (VDP) update addresses SSH key-based authentication issue

VMSA-2016-0024.1 vSphere Data Protection VDP updates address SSH Key-Based authentication issue VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0024.1 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: vSphere Data Protection VDP updates addres...

CVSS 10 · AI score 9.9 · EPSS 0.82117
Exploits: 3 · References: 8 · Affected Software: 1

OpenVAS
added 2015/11/24 12:0 a.m. · 198 views

Juniper Networks Junos OS OpenSSH Restriction Bypass Vulnerability

Junos OS is prone to a restriction bypass vulnerability in OpenSSH. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos...

CVSS 8.5 · AI score 6.2 · EPSS 0.78359
Exploits: 1 · References: 1