7 matches found

Github Security Blog
added 2025/03/03 7:56 p.m., 16 views

MinIO allows an SFTP authentication bypass due to improperly trusted SSH key

Summary: A bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. Details: On a MinIO server with SFTP access configured and using LDAP as an external identity provider, MinIO supports SSH key based authentication fo...

8.2 CVSS, 7.3 AI score, 0.00384 EPSS
Exploits: 0, References: 5, Affected Software: 1
Cvelist
added 2025/02/28 9:06 p.m., 24 views

CVE-2025-27414 MinIO SFTP authentication bypass due to improperly trusted SSH key

MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to RELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP...

8.2 CVSS, 0.00384 EPSS
Exploits: 0, References: 3
Metasploit
added 2024/07/08 7:54 p.m., 293 views

Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read

This module exploits CVE-2024-5806, an authentication bypass vulnerability in the MOVEit Transfer SFTP service. The following versions are affected: MOVEit Transfer 2023.0.x (fixed in 2023.0.11), MOVEit Transfer 2023.1.x (fixed in 2023.1.6), MOVEit Transfer 2024.0.x (fixed in 2024.0.2). The module can...

9.8 CVSS, 9 AI score, 0.89462 EPSS
Exploits: 3
GithubExploit
added 2024/06/24 4:28 p.m., 658 views

Exploit for Improper Authentication in Progress Moveit_Transfer

CVE-2024-5806 Exploit for Progress MOVEit Transfer CVE-2024-5...

9.8 CVSS, 9.4 AI score, 0.89462 EPSS
Exploits: 3
Tenable Nessus
added 2023/07/28 12:00 a.m., 24 views

EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2023-2484)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol that may allow an attacker to pass...

9.8 CVSS, 7.2 AI score, 0.00179 EPSS
Exploits: 5, References: 6
Vulnrichment
added 2022/12/05 12:00 a.m., 5 views

CVE-2022-38336

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication...

6.8 AI score, 0.004 EPSS
Exploits: 1, References: 1
Exploit DB
added 2018/10/30 12:00 a.m., 42 views

Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass

Exploit Title: Nutanix AOS & Prism - SFTP Authentication Bypass; Date: 2018-10-27; Exploit Author: Adam Brown; Vendor Homepage: https://www.nutanix.org; Software Link: https://www.nutanix.com/products/software-options/; Version: 5.5.5 LTS, 5.8.1 STS; Tested on: Acropolis Operating System; CVE : Related ...

9.8 CVSS, 9.8 AI score, 0.13825 EPSS
Exploits: 9