45 matches found
CVE-2026-47269
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb's denyremote feature checks utmpx utaddrv6 to detect whether an authentication request originates from a remote session. The outer guard was if utent-utaddrv60 != 0, which only tests the first...
EUVD-2021-21431
Malware in sbrugna...
EUVD-2013-1286
Malware in sbrugna...
EUVD-2008-0145
Malware in sbrugna...
EUVD-2014-4745
Malware in sbrugna...
EUVD-2009-1165
Malware in sbrugna...
EUVD-2020-12971
Malware in sbrugna...
EUVD-2022-33146
Malicious code in bioql PyPI...
EUVD-2022-1207
Malicious code in bioql PyPI...
EUVD-2021-8398
Malicious code in bioql PyPI...
CVE-2022-28704
Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connect...
CVE-2013-1246
Cisco TelePresence System Software does not properly handle inactive t-shell sessions, which allows remote authenticated users to cause a denial of service memory consumption and service outage by establishing multiple SSH connections, aka Bug ID CSCug77610...
CVE-2022-20854
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center FMC and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper err...
curl: curl allows SSH connection even if host is not in known_hosts
Summary: Curl does not fail if the SSH host identity cannot be verified due to the host not being included in the .ssh/knownhosts file. This makes using curl to login into an previously unknown ssh host system vulnerable to meddler in the middle attacks. When using key based authentication it wil...
Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure ICS involved the threat actor creating rogue virtual machines VMs within its VMware environment. "The adversary created...
USN-5964-1: curl vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing, curl could pass on user name and telnet options to...
AZL-25803 CVE-2023-27538 affecting package mysql for versions less than 8.0.34-1
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequen...
Input validation
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center FMC and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper err...
CVE-2022-20854
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center FMC and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper err...
PT-2022-5699 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD and Cisco Firepower Management Center FMC affected versions not specified Description: The issue is related to an uncontrolled resource consumption vulnerability in the implementation of the SSH protocol in...