GHSA-J7C9-79X7-8HPR step-ca Has Improper Authorization Check for SSH Certificate Revocation
Summary An authorized attacker can bypass authorization checks and revoke any SSH certificate issued by Step CA by using a valid revocation token. Details Step CA users can obtain SSH certificates from a few provisioners. The SSHPOP provisioner allows revocation of the SSH certificate preventing...
Vegeta_Vuln_lab
VegetaVulnlab Overview This lab focuses on core penetrati...
[SECURITY] Fedora 42 Update: openbao-2.4.4-1.fc42
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network...
PT-2025-48988
Name of the Vulnerable Software and Affected Versions Step CA versions prior to 0.29.0 Description Step CA is an online certificate authority for secure, automated certificate management for DevOps. A flaw exists in the authorization check for SSH certificate revocation, specifically impacting...
CVE-2025-13809
A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...
EUVD-2025-199957
A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...
CVE-2025-58181
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...
Exploit for Missing Authentication for Critical Function in Erlang Erlang/Otp
CVE-2025-3243...
Security update for podman
This update for podman fixes the following issues: CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542 Patch Instructions: To install this SUSE update use the SUSE...
CVE-2025-47913
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...
SUSE CVE-2025-47914
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...
Linux Distros Unpatched Vulnerability : CVE-2025-47914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed d...
TencentOS Server 4: buildah (TSSA-2025:0571)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0571 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the SSH Agent servers. An attacker can cause a panic and disrupt service availability by sending a specially crafted, malformed message that triggers an out-of-bounds read. Remediation Upgrade...
golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds read
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...
EUVD-2025-198228
golang.org/x/crypto/ssh allows an attacker to cause unbounded memory consumption...
CVE-2025-58181
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...
CVE-2025-47914
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...