Lucene search
K

390 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-25136

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be...

6.5CVSS8.3AI score0.89955EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-29652

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial o...

7.5CVSS7.3AI score0.03228EPSS
Exploits0References2
CNVD
CNVD
added 2025/08/11 12:0 a.m.3 views

DELL Enterprise SONiC OS Encryption Key Vulnerability

DELL Enterprise SONiC OS is an open source network operating system developed by Dell and designed for data center and cloud computing scenarios. DELL Enterprise SONiC OS suffers from a cryptographic key vulnerability that stems from a cryptographic key vulnerability in SSH, which can be exploite...

7.5CVSS6.8AI score0.00371EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/07 12:15 a.m.5 views

Security Bulletin: Vulnerabilities in SSH affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in SSH has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-22869 DESCRIPTION: SSH servers...

7.5CVSS6.1AI score0.00868EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/08/05 8:15 p.m.6 views

CVE-2013-10065

A denial-of-service vulnerability exists in Sysax Multi-Server version 6.10 via its SSH daemon. A specially crafted SSH key exchange packet can trigger a crash in the service, resulting in loss of availability. The flaw is triggered during the handling of malformed key exchange data, including a...

8.7CVSS0.01141EPSS
Exploits1References4
NVD
NVD
added 2025/08/05 5:15 p.m.5 views

CVE-2025-43980

An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/admin. The GUI doesn't offer a way to disable the account...

6.5CVSS0.00245EPSS
Exploits0References2
CVE
CVE
added 2025/08/05 12:5 a.m.40 views

CVE-2025-54804

Russh is a Rust SSH client/server library. In versions ≤0.54.0, CHANNEL_WINDOW_ADJUST handling computes recipient_window_size from the decoded value without proper overflow checks, causing an integer overflow that can crash the server. The issue is fixed in version 0.54.1. Attacker impact is serv...

6.5CVSS7AI score0.00386EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2025/08/05 12:0 a.m.11 views

CVE-2025-43980

An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/admin. The GUI doesn't offer a way to disable the account...

0.00245EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/04 6:22 p.m.6 views

CVE-2025-38741

Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication...

7.5CVSS7.2AI score0.00371EPSS
Exploits0References1
CVE
CVE
added 2025/08/04 6:22 p.m.23 views

CVE-2025-38741

Dell Enterprise SONiC OS (Dell SONiC) on version 4.5.0 and earlier contains a cryptographic key vulnerability in SSH that could be exploited by an unauthenticated remote attacker to gain unauthorized access to communications. The connected Nessus note (DSA-2025-275) and vendor advisory indicate t...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/08/04 6:22 p.m.12 views

CVE-2025-38741

Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication...

7.5CVSS0.00371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/02 8:22 p.m.9 views

CVE-2014-125121

Array Networks vAPV version 8.3.2.17 and vxAG version 9.2.0.34 appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials or SSH private key and insecure permissions on a startup script. The devices ship with a default SSH login or a...

10CVSS6.9AI score0.00853EPSS
Exploits0References1
CVE
CVE
added 2025/07/31 2:52 p.m.20 views

CVE-2014-125121

CVE-2014-125121 affects Array Networks vAPV (v8.3.2.17) and vxAG (v9.2.0.34). The vulnerability arises from a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script, allowing remote authentication with limited privileges. An authenticated attack...

10CVSS7AI score0.00853EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/31 2:52 p.m.8 views

CVE-2014-125121 Array Networks vAPV and vxAG Default Credential Privilege Escalation

Array Networks vAPV version 8.3.2.17 and vxAG version 9.2.0.34 appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials or SSH private key and insecure permissions on a startup script. The devices ship with a default SSH login or a...

10CVSS7.6AI score0.00853EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.9 views

(Pwn2Own) QNAP QHora-322 Improper Restriction of Communication Channel to Intended Endpoints Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SSH daemon. The...

6.6CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.9 views

(Pwn2Own) QNAP QHora-322 SSH Use of Weak Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the default SSH credentials. The issue results from the use of the WAN M...

7.5CVSS7AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/21 5:24 p.m.2 views

Security Bulletin: Vulnerabilities in SSH affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in SSH has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-22869 DESCRIPTION: SSH servers...

7.5CVSS7.1AI score0.00868EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/07/14 12:0 a.m.4 views

Erlang/OTP SSH Server Unauthenticated Remote Command Execution (CVE-2025-32433) (Direct Check)

Binary data erlangotpsshCVE-2025-32433.nbin...

10CVSS7.3AI score0.97859EPSS
Exploits36References4
RedhatCVE
RedhatCVE
added 2025/07/10 7:24 a.m.4 views

CVE-2025-24006

A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root...

7.8CVSS7.2AI score0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/09 8:31 a.m.31 views

CVE-2025-27027 Restricted shell evasion in Radiflow iSAP Smart Collector

A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions...

4.1CVSS0.00246EPSS
Exploits0References1
Rows per page
Query Builder