34 matches found
EVE: SSH as Root Unlockable Without Triggering Measured Boot
Impact: On boot, the Pillar container checks for /config/authorizedkeys. If present with a valid public key, it enables SSH on port 22 with root login. The /config partition is not protected by measured boot and is mutable and unencrypted. This enables an attacker with physical access to the device t...
CVE-2021-28913
BAB TECHNOLOGIE GmbH eibPort V3 prior to version 3.9.1 allows unauthenticated attackers access to /webif/SecurityModule to validate the so-called, hard-coded unique 'eibPort String', which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access...
CVE-2025-64420 Coolify members can see private key of root user
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions prior to and including v4.0.0-beta.434, low privileged users are able to see the private key of the root user on the Coolify instance. This allows them to ssh to the server and...
Exploit for Deserialization of Untrusted Data in Apache Activemq
Broker Machine Pentesting Report Target & Overview - Mac...
CVE-2025-11578
A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker...
CVE-2025-11578 Pre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege Escalation
A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker...
EUVD-2017-2990
Malware in sbrugna...
EUVD-2020-3894
Malware in sbrugna...
Security update for cloud-init
This update for cloud-init fixes the following issues: Update to version 25.1.3: CVE-2024-6174: Unprivileged user could trigger hotplug-hook commands bsc1245403. Non-security fixes: Rebase cloud-init to 24.4 or higher bsc1239715, jscPED-8680. Fixed cloud-init --debug status bsc1228414. Using...
CVE-2022-26252
aaPanel v6.8.21 was discovered to be vulnerable to directory traversal. This vulnerability allows attackers to obtain the root user private SSH key (id_rsa)...
CVE-2020-11543
OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the password 9vt@f3Vt that allows root SSH access to the server. This issue has been resolved in OpsRamp Gateway firmware version 7.0.0 where an administrator account and a system user account are the only available user accounts for the...
GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via nomad template injection
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. This vulnerability affected all versions of GitHub...
GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via RCE in ghe-update-check
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting up an HTTP proxy. This vulnerability affected all versions of GitHub Enterprise Server prior t...
GHSA-F6WP-8J9R-FRRG Duplicate Advisory: EVE: SSH as Root Unlockable Without Triggering Measured Boot
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-phcg-h58r-gmcq. This link is maintained to preserve external references. Original Description: On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is...
Design/Logic Flaw
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...
CVE-2021-43284
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...
BAB TECHNOLOGIE GmbH eibPort Security Vulnerability
BAB TECHNOLOGIE GmbH eibPort is an application from BAB TECHNOLOGIE GmbH, Germany, for managing smart furniture devices. A security vulnerability exists in BAB TECHNOLOGIE GmbH eibPort V3, which stems from a vulnerability in versions prior to 3.9.1 that...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2021-1648)
The remote host is missing an update for the Huawei EulerOS...