Cockpit 359 - RCE

Exploit Title: Cockpit 359 - RCE Date: 18-04-2026 Exploit Author: @intx0x80 Vendor Homepage: https://cockpit-project.org/ Software Link: https://github.com/cockpit-project/cockpit Version: 327-359 Tested on: Debain CVE : CVE-2026-4631 import base64 import argparse import requests import urllib3...

MiracleLinux 8 : libssh-0.9.6-14.el8 (AXSA:2024-8172:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8172:04 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values fo...

CLSA-2024-1709563150 Fix CVE(s): CVE-2023-6004, CVE-2023-6918

SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to configparser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault -...

CLSA-2024-1709562468 Fix CVE(s): CVE-2023-6004, CVE-2023-6918

SECURITY UPDATE: ProxyCommand/ProxyJump features allow injection of malicious code through hostname - debian/patches/CVE-2023-6004-pre1.patch: move common parser functions to configparser.c - debian/patches/CVE-2023-6004-pre2.patch: prevent possible segmentation fault -...

CLSA-2024-1709547699 libssh: Fix of 2 CVEs

CVE-2023-6004: fix the possibility of injections through a hostname parameter in the ProxyCommand/ProxyJump features - CVE-2023-6918: fix the issue when unchecked return values for digests may cause DoS...