Lucene search
+L

342 matches found

OSV
OSV
added 2022/11/24 10:21 p.m.19 views

MGASA-2022-0436 Updated dropbear packages fix security vulnerability

Updated dropbear package fixes a security vulnerability in dbclient:. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measure...

7.5CVSS7.6AI score0.01348EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/11/24 12:0 a.m.15 views

Apache Commons Detection Consolidation

Consolidation of Apache Commons and its components detections. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

0.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2022/11/24 12:0 a.m.38 views

Apache Commons Detection (Linux/Unix SSH Login)

SSH login-based detection of Apache Commons and its components. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

0.5AI score
Exploits0
NVD
NVD
added 2022/10/18 3:15 p.m.16 views

CVE-2022-33874

An improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerabilities CWE-78 in SSH login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the...

9.8CVSS0.02837EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/18 3:15 p.m.4 views

CVE-2022-33874

An improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerabilities CWE-78 in SSH login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the...

9.8CVSS6.1AI score0.02837EPSS
Exploits0References2
Prion
Prion
added 2022/10/18 3:15 p.m.13 views

Command injection

An improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerabilities CWE-78 in SSH login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the...

7.5CVSS9.9AI score0.02837EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/10 12:0 a.m.28 views

CVE-2022-33874

An improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerabilities CWE-78 in SSH login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the...

9.8CVSS10AI score0.02837EPSS
Exploits0References1
OSV
OSV
added 2022/09/19 10:15 p.m.8 views

UBUNTU-CVE-2022-28321

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pamaccess.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a...

9.8CVSS7.3AI score0.01218EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2022/09/19 9:10 p.m.3 views

CVE-2022-28321

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pamaccess.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a...

9.5AI score0.01218EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/19 12:0 a.m.3 views

openSUSE Tumbleweed 授权问题漏洞

openSUSE Tumbleweed is an open source system from the openSUSE project. A security vulnerability exists in openSUSE Tumbleweed versions prior to 1.5.2-6.1, which stems from the pamaccess.so module not properly restricting logins if a user attempts to connect from an IP address that is not...

9.8CVSS8.2AI score0.01218EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/08/02 12:0 a.m.11 views

Veritas Backup Exec Remote Agent Detection Consolidation

Consolidation of Veritas Backup Exec Remote Agent detections. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc";...

7.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2022/07/19 12:0 a.m.25 views

Huawei EulerOS: Gather Applied HotFix (SSH Login)

Gathers information about applied HotFixes/Livepatches for EulerOS via the provided Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

0.5AI score
Exploits0
OpenVAS
OpenVAS
added 2022/07/11 12:0 a.m.20 views

Slackware: Security Advisory (SSA:2022-191-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.01155EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.30 views

Slackware: Security Advisory (SSA:2019-044-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.1AI score0.03724EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.21 views

Slackware: Security Advisory (SSA:2016-347-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS7.4AI score0.04512EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2022/04/06 12:0 a.m.16 views

VMware Spring Boot Detection (Linux/Unix SSH Login)

SSH login-based detection of VMware Spring Boot and its components. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

0.2AI score
Exploits0
Prion
Prion
added 2022/04/03 10:15 p.m.17 views

Hardcoded credentials

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials if the device is in the uncommissioned state...

6.8CVSS9.4AI score0.00865EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2022/04/03 9:56 p.m.29 views

CVE-2021-30064

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials if the device is in the uncommissioned state...

9.7AI score0.00865EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/03/31 12:0 a.m.27 views

VMware Spring Framework Detection (Linux/Unix SSH Login)

SSH login-based detection of the VMware Spring Framework and its components. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

0.5AI score
Exploits0
OpenVAS
OpenVAS
added 2022/03/22 12:0 a.m.15 views

GitLab Detection (Linux/Unix SSH Login)

SSH login-based detection of GitLab. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.170048";...

7.3AI score
Exploits0
Rows per page
Query Builder