Lucene search
K

7 matches found

Github Security Blog
Github Security Blog
added 2026/04/22 8:37 p.m.12 views

Gitea has insecure default SSH settings

Summary The built-in SSH server currently advertises a number of key exchange, MAC, and host key algorithms that are considered weak or broken. The defaults should be tightened so a fresh installation passes a baseline SSH security audit out of the box. Details Running ssh-audit against a default...

5.8AI score
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-5230

Malware in sbrugna...

4.3CVSS6.4AI score0.01078EPSS
Exploits0References2
Prion
Prion
added 2015/02/04 6:59 p.m.13 views

Design/Logic Flaw

The SFTP external storage driver filesexternal in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network...

4.3CVSS6.6AI score0.01078EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2015/02/04 6:59 p.m.15 views

CVE-2014-5341

The SFTP external storage driver filesexternal in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network...

4.3CVSS6.1AI score0.01078EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/02/04 6:0 p.m.23 views

CVE-2014-5341

The SFTP external storage driver filesexternal in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network...

6.1AI score0.01078EPSS
Exploits0References1
OwnCloud
OwnCloud
added 2014/08/18 6:31 p.m.49 views

Insufficient RSA Host Key validation in files_external (SFTP driver) - ownCloud

The SFTP external storage driver was verifying the RSA Host Key after logging in. This allows for a man-in-the-middle MITM attack even if the host key is already known and can be validated. Basically, at the point where the host key was validated, the secret has already been given away. It should...

4.3CVSS6AI score0.01078EPSS
Exploits0Affected Software1
OwnCloud
OwnCloud
added 2014/08/18 8:22 a.m.29 views

Server: Insufficient RSA Host Key validation in files_external (SFTP driver)

The SFTP external storage driver was verifying the RSA Host Key after logging in. This allows for a man-in-the-middle MITM attack even if the host key is already known and can be validated. Basically, at the point where the host key was validated, the secret has already been given away. It should...

4.3CVSS6AI score0.01078EPSS
Exploits0Affected Software1
Rows per page
Query Builder