Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server. Sonatype said it has discovered 14 different npm packages so far:...
The sshkeys.js component of the OpenWrt embedded operating system does not adequately protect the web interface against injected content, which allows attackers to perform cross-site scripting attacks.
The sshkeys.js component of the OpenWrt embedded operating system lacks protection against injected content in the web interface. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
Prometheus API Information Gather
This module uses the Prometheus API to gather information about the server's configuration and scrape targets. Fields that may contain credentials or credential file names are then extracted and printed. Targets may hold a wealth of information; this module will print the following values whe...
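The module described above works by pulling the server's loaded configuration over the API and scanning it for fields that hold credentials or name credential files, together with the scrape targets. The Python below is an added example, not the module's own code, that does the same against a constructed copy of the JSON that Prometheus returns from GET /api/v1/status/config (the configuration travels as a YAML string in data.yaml). The hostnames, job names and paths in the sample are invented, and the set of credential keys is a hand-picked subset of Prometheus configuration options chosen for this example. Prometheus serialises inline secret values as `<secret>`, which the sample reproduces; usernames, credential file paths and target lists are returned as-is, and those are what an attacker learns from this endpoint.

```python
import json
import re
from typing import Dict, List

# Constructed sample of the JSON that Prometheus returns from
# GET /api/v1/status/config.  The loaded configuration is carried as a YAML
# string in data.yaml.  Hostnames, job names and paths here are invented.
# Prometheus serialises inline secrets as "<secret>", which the sample
# reproduces; usernames, credential file paths and targets are not redacted.
SAMPLE_STATUS_CONFIG = json.dumps({
    "status": "success",
    "data": {
        "yaml": (
            "global:\n"
            "  scrape_interval: 15s\n"
            "scrape_configs:\n"
            "  - job_name: node\n"
            "    static_configs:\n"
            "      - targets: ['node1.internal:9100', 'node2.internal:9100']\n"
            "  - job_name: api\n"
            "    basic_auth:\n"
            "      username: scraper\n"
            "      password: <secret>\n"
            "    static_configs:\n"
            "      - targets: ['api.internal:8443']\n"
            "  - job_name: kube\n"
            "    bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n"
            "    tls_config:\n"
            "      key_file: /etc/prometheus/certs/client.key\n"
            "    kubernetes_sd_configs:\n"
            "      - role: pod\n"
        )
    }
})

# Prometheus configuration keys whose values are credentials or point at
# files holding them.  Hand-picked subset for this example, not exhaustive.
CREDENTIAL_KEYS = frozenset({
    "username", "password", "password_file",
    "bearer_token", "bearer_token_file",
    "credentials", "credentials_file",
    "key_file",
})

# One "key: value" per line, with an optional leading "- " list marker.
KEY_LINE = re.compile(r"^\s*(?:-\s+)?([A-Za-z_]+):\s*(.*?)\s*$")


def _yaml_lines(status_config_json: str) -> List[str]:
    """Pull the YAML text out of the /api/v1/status/config JSON envelope."""
    body = json.loads(status_config_json)
    if body.get("status") != "success":
        raise ValueError("unexpected API status: %r" % body.get("status"))
    return body["data"]["yaml"].splitlines()


def extract_credential_fields(status_config_json: str) -> List[Dict[str, str]]:
    """Return every credential-bearing key together with the job it belongs to.

    Prometheus emits one key per line, so a line scan that tracks the current
    job_name is enough here and avoids needing a YAML library.
    """
    findings = []
    job = "global"
    for line in _yaml_lines(status_config_json):
        m = KEY_LINE.match(line)
        if not m:
            continue
        key, value = m.groups()
        if key == "job_name":
            job = value
        elif key in CREDENTIAL_KEYS:
            findings.append({"job": job, "key": key, "value": value})
    return findings


def extract_targets(status_config_json: str) -> Dict[str, List[str]]:
    """Map each job_name to the static targets it scrapes."""
    targets: Dict[str, List[str]] = {}
    job = "global"
    for line in _yaml_lines(status_config_json):
        m = KEY_LINE.match(line)
        if not m:
            continue
        key, value = m.groups()
        if key == "job_name":
            job = value
        elif key == "targets":
            targets.setdefault(job, []).extend(
                re.findall(r"""['"]([^'"]+)['"]""", value))
    return targets


if __name__ == "__main__":
    for f in extract_credential_fields(SAMPLE_STATUS_CONFIG):
        print("%-6s %-18s %s" % (f["job"], f["key"], f["value"]))
    for job, tgts in extract_targets(SAMPLE_STATUS_CONFIG).items():
        print("%-6s targets: %s" % (job, ", ".join(tgts)))
```

Run against a real response, the value of every `*_file` key tells an attacker with file-read access where to look next, and the target list maps the scraped estate; the defensive counterpart is simply to not expose the Prometheus HTTP API without authentication or network restriction.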
Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel
In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf,"...
CVE-2023-37426
EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were found to have shared static SSH host keys for all installations. This vulnerability could allow an attacker to spoof the SSH host signature and thereby masquerade as a legitimate Orchestrator host...
New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers
Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick
auto-cve-2022-44268 Automating expl...
CVE-2023-25187
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change factory-time installed default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH server disable...
PT-2023-19968 · Nokia · Nokia Airscale Asika Single Ran
Name of the Vulnerable Software and Affected Versions: NOKIA Airscale ASIKA Single RAN devices versions prior to 21B Description: An issue was discovered where Nokia Single RAN commissioning procedures do not change the default SSH public/private key values that are specific to a network operator...
Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining
A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for "/nifi" o...
Image Builder security, bug fix, and enhancement update
cockpit-composer 45-1.0.1 - Make per page documentation links point to Oracle Linux Orabug: 32013095 45-1 - New upstream release 44-1 - New upstream release 43-1 - New upstream release 42-1 - New upstream release 40-1 - New upstream release 39-1 - New upstream release 38-1 - New upstream release...
[SECURITY] Fedora 38 Update: cloud-init-23.1.2-1.fc38
Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install ssh keys and to let the user run various scripts...
SUSE-SU-2023:1909-1 Security update for libgit2
This update for libgit2 fixes the following issues: - CVE-2023-22742: Fixed SSH keys verification failure (bsc#1207364)...
Security Bulletin: Vulnerabilities in OpenSSH affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru Firmware and QLogic Virtual Fabric Extension Module for IBM BladeCenter (CVE-2016-0777, CVE-2016-0778)
Summary: An information leak flaw and a buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru Firmware and QLogic Virtual Fabric Extension Module for IBM BladeCenter. Vulnerability Details: Summary: An...
CVE-2023-28368
TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQUNV11.0.6 Build 20230227' use vulnerable SSH host keys. A fake device may be prepared that spoofs the affected device using the vulnerable host key. If the administrator is tricked into logging in to the fake device, the credential...
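The EdgeConnect (CVE-2023-37426), Nokia Single RAN (CVE-2023-25187) and TP-Link (CVE-2023-28368) entries above all describe one weakness: every installation presents the same SSH host key, so a client that has trusted one device will silently trust an impostor that presents that key. The cheapest fleet-wide check is to collect each device's host key and look for fingerprints that appear more than once. The Python below is an added example, not code from any of the vendors or advisories; it works on known_hosts-format lines, which is also what `ssh-keyscan` emits, so its output can be fed straight in. The hostnames are invented and the key blobs are short synthetic byte strings standing in for real public keys, with two pairs of devices deliberately sharing a blob.

```python
import base64
import hashlib
from collections import defaultdict
from typing import Dict, List, Tuple


def _blob(label: bytes) -> str:
    # Helper for the constructed sample only: base64 of a synthetic blob.
    return base64.b64encode(label).decode()


# Constructed sample in OpenSSH known_hosts format ("host keytype base64-blob").
# Hostnames are invented and the blobs are not real keys; the two orch-* hosts
# and the two sw-core-* hosts share a blob, as a fleet shipped with static
# host keys would.
SAMPLE_KNOWN_HOSTS = "\n".join([
    "# constructed sample, not real keys",
    "orch-a.example.net ssh-ed25519 " + _blob(b"shared-orchestrator-host-key"),
    "orch-b.example.net ssh-ed25519 " + _blob(b"shared-orchestrator-host-key"),
    "sw-core-1.example.net ssh-rsa " + _blob(b"shared-switch-firmware-host-key"),
    "sw-core-2.example.net ssh-rsa " + _blob(b"shared-switch-firmware-host-key"),
    "bts-17.example.net ssh-ed25519 " + _blob(b"unique-host-key-for-bts-17"),
    "@cert-authority *.example.net ssh-ed25519 " + _blob(b"ca-key-not-a-host-key"),
])


def ssh_fingerprint(b64_blob: str) -> str:
    """OpenSSH-style fingerprint: SHA-256 over the decoded key blob, base64
    encoded with the '=' padding stripped and prefixed 'SHA256:', matching
    what ssh-keygen -lf prints for the same key."""
    raw = base64.b64decode(b64_blob)
    digest = hashlib.sha256(raw).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_known_hosts(text: str) -> List[Tuple[str, str, str]]:
    """Return (host, keytype, fingerprint) for each plain host entry.

    Comments, blank lines and lines with a leading marker such as
    @cert-authority or @revoked are skipped, since markers are not host keys.
    Hashed hostnames (|1|...) are kept as written; the fingerprint comparison
    does not need the clear-text name.
    """
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("#") or parts[0].startswith("@"):
            continue
        if len(parts) < 3:
            continue
        host, keytype, blob = parts[0], parts[1], parts[2]
        entries.append((host, keytype, ssh_fingerprint(blob)))
    return entries


def find_shared_host_keys(text: str) -> Dict[str, List[str]]:
    """Group hosts by fingerprint and return only fingerprints presented by
    more than one host.  A non-empty result means those devices share a host
    key, so any of them, or anyone who pulled the key out of firmware or an
    image, can impersonate the others to an SSH client that trusts one."""
    by_fingerprint: Dict[str, List[str]] = defaultdict(list)
    for host, _keytype, fp in parse_known_hosts(text):
        by_fingerprint[fp].append(host)
    return {fp: sorted(hosts) for fp, hosts in by_fingerprint.items()
            if len(hosts) > 1}


if __name__ == "__main__":
    shared = find_shared_host_keys(SAMPLE_KNOWN_HOSTS)
    if not shared:
        print("no shared host keys")
    for fp, hosts in shared.items():
        print("%s shared by %s" % (fp, ", ".join(hosts)))
```

Against a real estate, run `ssh-keyscan` over the device list and pass its output to `find_shared_host_keys`; any fingerprint reported for more than one device is a host key that needs regenerating on every device that presents it, and the old fingerprint should be purged from administrators' known_hosts files so it can no longer be used to spoof them.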
cloud-init bug fix and enhancement update
An update is available for cloud-init. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The cloud-init packages provide a set of init scripts for cloud instances...
CVE-2022-48428
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible...
Cross-site scripting
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible...