Lucene search

17 matches found

Snyk
added 2026/04/22 8:37 p.m., 0 views

Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to insecure default SSH server configuration, which advertises weak or deprecated key exchange, MAC, and host key algorithms. An attacker can compromise the confidentiality and integrity o...

CVSS 6.3, AI score 5.6
Exploits: 0, References: 3

OSV
added 2025/10/21 2:8 p.m., 0 views

USN-7831-1 erlang vulnerabilities

It was discovered that Erlang incorrectly handled resource allocation and consumption in the SFTP SSH module. An attacker could possibly use this issue to cause Erlang to consume excessive resources, leading to a denial of service...

CVSS 7.1, AI score 5.8, EPSS 0.00214
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2014-3361

Malware in sbrugna...

CVSS 5, AI score 6.3, EPSS 0.01558
Exploits: 0, References: 7

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2005-1563

Malware in sbrugna...

CVSS 10, AI score 6.4, EPSS 0.02418
Exploits: 1, References: 6

CVE
added 2025/09/11 8:14 a.m., 18 views

CVE-2025-48041

CVE-2025-48041 is an Erlang/OTP issue in the SSH sftp path (ssh_sftpd.erl) causing Allocation of Resources Without Limits or Throttling. Affected are OTP forms up to 28.0.3 (and related SSH from 3.0.1 to 5.3.3, 5.2.11.3, 5.1.4.12). The vulnerability enables excessive resource allocation and relat...

CVSS 7.1, AI score 6.5, EPSS 0.00212
Exploits: 0, References: 7

Tenable Nessus
added 2025/07/22 12:0 a.m., 1 view

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Erlang vulnerabilities (USN-7656-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7656-1 advisory. It was discovered that Erlang OTP's SSH module incorrectly enforced strict KEX handshake hardening measures. A remote attacker able to...

CVSS 4.8, AI score 6.8, EPSS 0.00406
Exploits: 0, References: 3

Ubuntu
added 2025/07/21 11:51 a.m., 4 views

USN-7656-1: Erlang vulnerabilities

It was discovered that Erlang OTP’s SSH module incorrectly enforced strict KEX handshake hardening measures. A remote attacker able to intercept communications could possibly use this issue to insert optional messages into connections during the handshake. CVE-2025-46712 It was discovered that...

CVSS 4.8, AI score 6.5, EPSS 0.00406
Exploits: 0

OpenVAS
added 2025/07/18 12:0 a.m., 3 views

Ubuntu: Security Advisory (USN-7443-3)

The remote host is missing an update for the...

CVSS 10, AI score 9.8, EPSS 0.59973
Exploits: 34, References: 4

Ubuntu
added 2025/07/17 1:12 p.m., 4 views

USN-7443-3: Erlang vulnerability

USN-7443-1 fixed a vulnerability in Erlang. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrectly handled authenticatio...

CVSS 10, AI score 8.4, EPSS 0.59973
Exploits: 34

Ubuntu
added 2025/04/17 2:4 p.m., 85 views

USN-7443-1: Erlang vulnerability

Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrectly handled authentication. A remote attacker could use this issue to execute arbitrary commands without authentication, possibly leading to a system compromise...

CVSS 10, AI score 8.4, EPSS 0.59973
Exploits: 34

Ubuntu
added 2025/04/08 1:48 p.m., 86 views

USN-7425-1: Erlang vulnerability

It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume a large amount of memory, leading to a denial of service...

CVSS 7.5, AI score 7.3, EPSS 0.00154
Exploits: 0

OSV
added 2018/11/20 7:29 p.m., 0 views

CVE-2018-18772

CentOS-WebPanel.com aka CWP CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=sendssh, as demonstrated by executing an arbitrary OS command...

CVSS 8.8, AI score 5.9, EPSS 0.00506
Exploits: 6, References: 3

CNVD
added 2018/11/07 12:0 a.m., 2 views

CentOS Web Panel Cross-Site Request Forgery Vulnerability (CNVD-2019-18498)

CentOS Web Panel is a CentOS Linux system administration panel. A cross-site request forgery vulnerability exists in CentOS Web Panel 0.9.8.740 and earlier versions, which can be exploited by a remote attacker to modify the server's root password and execute commands with the help of...

CVSS 8.8, AI score 9.1, EPSS 0.00506
Exploits: 6, References: 1

CISA
added 2014/09/11 12:0 a.m., 8 views

Cisco Integrated Management Controller Vulnerability

Cisco has released an advisory to address a vulnerability in the Cisco Integrated Management Controller (Cisco IMC) SSH module of the Cisco Unified Computing System E-Series Blade servers that could allow an unauthenticated, remote attacker to cause a denial of service condition. Migration to relea...

AI score 6.7
Exploits: 0, References: 1

Prion
added 2014/09/10 10:55 a.m., 12 views

Code injection

The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206...

CVSS 5, AI score 7, EPSS 0.01558
Exploits: 0, References: 6, Affected Software: 1

Huawei
added 2013/12/28 12:0 a.m., 17 views

Security Advisory-A DoS Vulnerability in the SSH Module on Huawei AR Router

On some Huawei AR routers that receive a large number of SSH authentication attack packets with malformed data, legitimate users fail to log in through SSH. Attackers can construct massive attack packets to cause the AR routers to deny SSH login from legitimate users. HWPSIRT-2013-1255. This...

AI score 6.3
Exploits: 0, Affected Software: 5

Cvelist
added 2005/05/14 4:0 a.m., 12 views

CVE-2005-1560

The SSH module in Neteyes Nexusway allows remote attackers to execute arbitrary commands via shell metacharacters in arguments to certain commands, as demonstrated using ping and traceroute...

AI score 7.7, EPSS 0.02418
Exploits: 1, References: 5