18 matches found
CVE-2020-37116
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...
EUVD-2020-30979
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...
CVE-2025-10761
A vulnerability has been found in Harness 3.3.0. Affected is an unknown function of the file /api/v1/login of the component Login Endpoint. The manipulation leads to improper restriction of excessive authentication attempts. Remote exploitation of the attack is possible. The attack is considered ...
PT-2025-4405
Name of the Vulnerable Software and Affected Versions: iTerm2 versions 3.5.6 through 3.5.10. Description: The issue sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration...
git: git shell function that splits command arguments can lead to arbitrary heap writes.
Git is an open source, scalable, distributed revision control system. git shell is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the...
Splunk Universal Forwarder < 9.0 Insecure Default Configuration
In universal forwarder versions before 9.0, management services are available remotely by default. When not required, it introduces a potential exposure, but it is not a vulnerability. If exposed, we recommend each customer assess the potential severity specific to your environment. In Splunk 9.0...
Important: Red Hat Security Advisory: telnet security update
An update for telnet is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
Important: Red Hat Security Advisory: telnet security update
An update for telnet is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
CVE-2021-28799
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...
telnet bug fix and enhancement update
Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. Bug Fixes and Enhancements: in.telnetd needs to tolerate temporary EIO...
Important: Red Hat Security Advisory: telnet security update
An update for telnet is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: telnet security update
An update for telnet is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: Red Hat Security Advisory: telnet security update
An update for telnet is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
“Ready Player One” – Are you Ready to Protect Your Endpoints from the Bad Guys?
At times it can feel like a game as you watch the cyber-breach scorecards. Yahoo 3 billion users, Equifax 143 million consumers, Uber 57 million users, Imgur 1.7 million users are just a sample of the companies that have released new information on large breaches in the last few months...
Amazon Linux AMI Update: kernel / openssh Denial of Service (ALAS-2014-319)
Due to a problem with the configuration of kernels 3.10.34-37 and 3.10.34-38 and their interaction with the authentication modules stack, the sshd daemon that is part of the openssh package will no longer allow remote logins following a restart of the sshd service. (C) Tenable Network Security, Inc...
NETGEAR Hard-coded Telnet Unlock Credentials
The remote NETGEAR device has a hard-coded set of credentials that can be sent in a specially encoded packet in order to unlock the telnet service and allow remote logins as the root user. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(72831); script_version("1.6");...
xrdb -- root hole via rogue hostname
Matthias Hopf reports: By crafting hostnames with shell escape characters, arbitrary commands can be executed in a root environment when a display manager reads in the resource database via xrdb. These specially crafted hostnames can occur in two environments: Systems affected are: systems se...
CVE-2001-1507
OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged...