6 matches found
EUVD-2023-32151
Malicious code in bioql PyPI...
EUVD-2023-27049
Malicious code in bioql PyPI...
CVE-2023-28481
An issue was discovered in Tigergraph Enterprise 3.7.0. There is unsecured write access to SSH authorized keys file. Any code running as the tigergraph user is able to add their SSH public key into the authorised keys file. This allows an attacker to obtain password-less SSH key access by using...
Code injection
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access to an SSH private key. Any code that runs as the tigergraph user is able to read the SSH private key. With this, an attacker is granted password-less SSH access to all machines in the TigerGraph...
CVE-2023-22948
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access to an SSH private key. Any code that runs as the tigergraph user is able to read the SSH private key. With this, an attacker is granted password-less SSH access to all machines in the TigerGraph...
PT-2023-18790 · Tigergraph · Tigergraph Enterprise Free Edition
Name of the Vulnerable Software and Affected Versions: TigerGraph Enterprise Free Edition versions 3.x Description: The issue allows for unsecured read access to an SSH private key. Any code running as the tigergraph user can read the SSH private key, granting an attacker password-less SSH access...