31274 matches found

RedHat Linux
added 2026/01/26 2:25 p.m., 2 views

golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle,...

CVSS 7.5, AI score 7.2, EPSS 0.00579
Exploits: 1, References: 8
RedHat Linux
added 2026/01/26 2:25 p.m., 5 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.5, AI score 6.7, EPSS 0.00579
Exploits: 1, References: 2
Cvelist
added 2026/01/26 10:5 a.m., 36 views

CVE-2025-59104 Unlocked Bootloader in dormakaba access manager

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVSS 7, EPSS 0.00166
Exploits: 0, References: 3
CVE
added 2026/01/26 10:5 a.m., 11 views

CVE-2025-59104

The CVE-2025-59104 issue affects a dormakaba access manager where an attacker with physical access can solder to the debug footprint or connect a 6-Pin tag‑connect cable to access the bootloader. The vulnerable vector allows changing the kernel command line and ultimately obtaining a root shell. ...

CVSS 7, AI score 5.8, EPSS 0.00166
Exploits: 0, References: 3
ATTACKERKB
added 2026/01/26 10:5 a.m., 3 views

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVSS 7, AI score 5.8, EPSS 0.00166
Exploits: 0, References: 4
Vulnrichment
added 2026/01/26 10:5 a.m., 5 views

CVE-2025-59103 Weak Default Passwords for SSH Access in dormakaba access manager

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

CVSS 9.2, AI score 5.8, EPSS 0.00403
Exploits: 0, References: 3
GithubExploit
added 2026/01/26 9:58 a.m., 174 views

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerability Detection and Exploitation Tool...

CVSS 9.8, AI score 7.5, EPSS 0.98871
Exploits: 60
Positive Technologies
added 2026/01/26 12:0 a.m., 7 views

PT-2026-4754

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVSS 7, AI score 5.8, EPSS 0.00166
Exploits: 0, References: 4
CNNVD
added 2026/01/26 12:0 a.m., 6 views

Dormakaba Access Manager security vulnerabilities

Dormakaba Access Manager is a smart hardware controller developed by the American company Dormakaba. There is a security vulnerability in Dormakaba Access Manager, which stems from the ability to modify the bootloader’s command line interface physically. This vulnerability could potentially lead ...

CVSS 7, AI score 5.8, EPSS 0.00166
Exploits: 0, References: 4
CNNVD
added 2026/01/26 12:0 a.m., 8 views

Dormakaba Access Manager security vulnerabilities

The Dormakaba Access Manager is a smart hardware controller developed by the Dormakaba company in the United States. There are security vulnerabilities in the Dormakaba Access Manager 92xx K7 version. These vulnerabilities stem from hard-coded weak passwords in the SSH service, which may allow...

CVSS 9.2, AI score 5.8, EPSS 0.00403
Exploits: 0, References: 4
Tenable Nessus
added 2026/01/26 12:0 a.m., 8 views

Alibaba Cloud Linux 3 : 0016: container-tools:an8 (ALINUX3-SA-2026:0016)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0016 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-47913: SSH clients receiving SSHAGENTSUCCE...

CVSS 7.5, AI score 6, EPSS 0.00579
Exploits: 1, References: 2
Tenable Nessus
added 2026/01/26 12:0 a.m., 5 views

openSUSE 16 Security Update : buildah (openSUSE-SU-2026:20080-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20080-1 advisory. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: Fixed non validated message size causing a panic due to an out of bounds read (bsc#1254054) -...

CVSS 8.4, AI score 6.6, EPSS 0.00673
Exploits: 5, References: 13
RedhatCVE
added 2026/01/24 3:17 a.m., 6 views

CVE-2026-24129

Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManage...

CVSS 8.8, AI score 5.9, EPSS 0.00459
Exploits: 1, References: 1
Information Security Automation
added 2026/01/23 10:22 p.m., 8 views

About Authentication Bypass – GNU Inetutils (CVE-2026-24061) vulnerability

About Authentication Bypass - GNU Inetutils (CVE-2026-24061) vulnerability. GNU Inetutils is a collection of common network programs, including, among other things, a Telnet server (telnetd). A vulnerability in GNU Inetutils telnetd allows a remote attacker to obtain a root shell on the host without...

CVSS 9.8, AI score 7.9, EPSS 0.98871
Exploits: 60
RedhatCVE
added 2026/01/23 9:17 p.m., 7 views

CVE-2025-69312

Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Upload a Web Shell to a Web Server. This issue affects Xpro Elementor Addons: from n/a through <= 1.4.19.1...

CVSS 9.1, AI score 5.4, EPSS 0.00332
Exploits: 0, References: 1
RedhatCVE
added 2026/01/23 9:17 p.m., 7 views

CVE-2025-50002

Unrestricted Upload of File with Dangerous Type vulnerability in Farost Energia energia allows Upload a Web Shell to a Web Server. This issue affects Energia: from n/a through <= 1.1.2...

CVSS 10, AI score 5.4, EPSS 0.00507
Exploits: 0, References: 1
RedhatCVE
added 2026/01/23 9:16 p.m., 4 views

CVE-2025-68986

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Miion miion allows Upload a Web Shell to a Web Server. This issue affects Miion: from n/a through <= 1.2.7...

CVSS 9.9, AI score 5.4, EPSS 0.00434
Exploits: 0, References: 1
RedhatCVE
added 2026/01/23 9:15 p.m., 6 views

CVE-2025-68001

Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl-checkout allows Upload a Web Shell to a Web Server. This issue affects g-FFL Checkout: from n/a through <= 2.1.0...

CVSS 10, AI score 5.4, EPSS 0.00564
Exploits: 2, References: 1
NVD
added 2026/01/23 5:16 p.m., 9 views

CVE-2021-47904

PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server...

CVSS 8.8, EPSS 0.00614
Exploits: 0, References: 5
NVD
added 2026/01/23 5:15 p.m., 5 views

CVE-2021-47888

Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell command execution payload and execute arbitrary commands by accessing the uploaded file through ...

CVSS 8.8, EPSS 0.00602
Exploits: 0, References: 4