Lucene search
+L

50 matches found

bdu_fstec
bdu_fstec
added 2024/12/05 12:0 a.m.6 views

The vulnerability in the implementation of the SSH network protocol for the microprogramming-based software of industrial routers such as Billion M100, Billion M150, Billion M120N, and Billion M500 allows a hacker to execute arbitrary commands.

The vulnerability of the SSH network protocol implementation in the microprogramming-based software for industrial routers such as Billion M100, Billion M150, Billion M120N, and Billion M500 is related to the lack of measures to neutralize special elements used in operating system commands...

9CVSS5.9AI score0.01093EPSS
Exploits0References3Affected Software4
bdu_fstec
bdu_fstec
added 2024/11/18 12:0 a.m.6 views

The vulnerability of the SSH and Telnet protocol implementations of the D-Link DSL6740C modem’s microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of SSH and Telnet protocols implemented by the microprogramming software of the D-Link DSL6740C modem lies in the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...

9CVSS5.9AI score0.01325EPSS
Exploits0References4
hpe
hpe
added 2024/11/06 12:0 a.m.3 views

HPESBCR04733 rev.1 - Certain HPE Cray Servers Using OpenSSH (RegreSSHion), Remote Code Execution Vulnerability

Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Cray EX235a Accelerator Blade - CcNc firmware Prior to 1.9.5-39 HFP - 24.8.1 8/28/2024 HPE Cray EX235n Server - CcNc firmware Prior to 1.9.5-39 HFP - 24.8.1 8/28/2024 HPE Cray...

8.1CVSS6.1AI score0.99506EPSS
Exploits69
bdu_fstec
bdu_fstec
added 2024/10/31 12:0 a.m.7 views

The vulnerability of the SSH server of Cisco Adaptive Security Appliance’s microprogrammed network interface devices allows a attacker to cause a service failure.

The vulnerability of the SSH server of the microprogrammed network interface devices in Cisco Adaptive Security Appliances ASA is related to an uncontrolled resource consumption. This vulnerability could allow a malicious actor to cause service interruptions remotely...

5.3CVSS5.4AI score0.00469EPSS
Exploits0References2Affected Software1
osv
osv
added 2024/10/02 3:58 a.m.5 views

USN-7051-1 python-asyncssh vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

5.9CVSS6.8AI score0.93305EPSS
Exploits4References2
bdu_fstec
bdu_fstec
added 2024/08/02 12:0 a.m.55 views

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 allows a attacker to execute arbitrary operating system commands with root privileges.

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the use of pre-installed credentials due to incorrect processing of the MAC address sequence. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating syste...

7.5CVSS6AI score0.00534EPSS
Exploits0References3Affected Software1
ncsc
ncsc
added 2024/07/01 3:37 p.m.6 views

Vulnerability fixed in OpenSSH

The developers of OpenSSH have fixed a vulnerability in OpenSSH The vulnerability allows a malicious party to execute arbitrary code with privileges of the sshd process without prior authentication. It cannot be ruled out that the ssh process is running with elevated privileges, making it possibl...

9.3CVSS7.9AI score0.99506EPSS
Exploits69References2
osv
osv
added 2024/07/01 9:6 a.m.6 views

USN-6859-1 openssh vulnerability

It was discovered that OpenSSH incorrectly handled signal management. A remote attacker could use this issue to bypass authentication and remotely access systems without proper credentials...

8.1CVSS6.8AI score0.99506EPSS
Exploits69References2
bdu_fstec
bdu_fstec
added 2024/02/06 12:0 a.m.10 views

The vulnerability of the OpenSSH package on the macOS operating system, which allows a hacker to gain unauthorized access to SSH password credentials

The vulnerability of the OpenSSH package for the macOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a hacker to gain unauthorized access to SSH password credentials...

5.5CVSS6.6AI score0.00374EPSS
Exploits0References4Affected Software1
osv
osv
added 2023/12/18 7:15 p.m.3 views

DEBIAN-CVE-2023-51385

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or...

6.5CVSS6.6AI score0.19753EPSS
Exploits8References1
bdu_fstec
bdu_fstec
added 2023/12/12 12:0 a.m.7 views

The vulnerability of Siemens SCALANCE industrial switches’ SSH server allows a hacker to execute a “man-in-the-middle” attack.

The vulnerability of Siemens SCALANCE industrial switches’ SSH server is related to insufficient encryption strength. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack...

9.7CVSS7.4AI score0.00256EPSS
Exploits0References2Affected Software12
bdu_fstec
bdu_fstec
added 2023/10/29 12:0 a.m.7 views

The vulnerability of the SSH, HTTPS, and MySQL host bastion for the Linux operating system Warpgate allows a hacker to bypass authentication processes due to errors in cryptographic signatures.

The vulnerability of the SSH, HTTPS, and MySQL servers for the Linux operating system targets Warpgate is related to errors in verifying the cryptographic signature. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...

8.1CVSS7.3AI score0.00253EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2023/07/12 12:0 a.m.5 views

MikroTik routers 资源管理错误漏洞

MikroTik routers is a router product from the Latvian company MikroTik. A security vulnerability exists in MikroTik routers v6.46.3 and earlier versions that originates from a misconfiguration that allows an attacker to cause a denial of service via an SSH daemon...

7.5CVSS7.3AI score0.01014EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.9 views

PT-2023-8987 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue is related to the Akuvox E11 secure shell SSH server, which is enabled by default and accessible by the root user with a password that cannot be changed by the user. This conce...

10CVSS9.3AI score0.00668EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2023/01/23 12:0 a.m.9 views

The vulnerability in the implementation of the SSH network protocol for Cisco IOS and Cisco IOS XE operating systems allows a hacker to cause a service failure.

The vulnerability of the SSH network protocol implementation in Cisco IOS and Cisco IOS XE operating systems is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.7CVSS7.1AI score0.00801EPSS
Exploits0References3
attackerkb
attackerkb
added 2022/09/28 4:0 p.m.7 views

CVE-2022-20920

A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit thi...

7.7CVSS7.2AI score0.00801EPSS
Exploits0References2
cnnvd
cnnvd
added 2022/06/23 12:0 a.m.6 views

Secheron SEPCOS Control and Protection Relay 安全漏洞

Secheron SEPCOS Control and Protection Relay is a relay from Secheron. Control and protect your DC panels and contact lines from short circuits and other electrical faults, and benefit from enhanced communication capabilities.The Secheron SEPCOS Control and Protection Relay has a weak password...

10CVSS5.7AI score0.02039EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2021/11/25 12:0 a.m.8 views

The vulnerability of the SSH protocol implementation in the Dell Isilon InsightIQ performance monitoring and reporting analytics platform allows a hacker to bypass security restrictions and gain full control over the application.

The vulnerability of the SSH protocol implementation of the analysis platform for monitoring performance and generating reports in Dell Isilon InsightIQ is related to the use of cryptographic algorithms that contain vulnerabilities and risks. Exploiting this vulnerability could allow a malicious...

8.1CVSS7.8AI score0.00807EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2021/09/17 12:0 a.m.7 views

The vulnerability of the SSH protocol implementation in the cryptographic security tool PuTTY allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SSH protocol implementation in the cryptography security tool PuTTY is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

8.1CVSS7.5AI score0.01106EPSS
Exploits0References5Affected Software1
cnnvd
cnnvd
added 2021/07/09 12:0 a.m.6 views

PuTTY 数据伪造问题漏洞

PuTTY is a free set of Telnet, Rlogin and SSH client software from Simon Tatham's personal developer. The software is primarily used for remote administration of Linux systems. PuTTY is vulnerable to a data forgery issue that could be exploited by an attacker to cause a controlled SSH server to...

8.1CVSS5.7AI score0.01106EPSS
Exploits0References4
Rows per page
Query Builder