Lucene search
K

630 matches found

BDU FSTEC
BDU FSTEC
added 2021/09/01 12:0 a.m.10 views

The vulnerability of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series and WDR-3124A Series, as well as in microprogrammed software for Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series, arises from the use of non-unique X.509 certificates and host SSH keys. This vulnerability allows attackers to escalate their privileges.

The vulnerabilities of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series, WDR-3124A Series, microprogrammed software in Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series are related to the use of non-unique X.509 certificates and host SSH keys...

10CVSS5.5AI score
Exploits0References2Affected Software5
RedHat Linux
RedHat Linux
added 2021/08/31 9:24 a.m.35 views

Moderate: Red Hat Security Advisory: cloud-init security update

An update for cloud-init is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

5.5CVSS6.1AI score0.00219EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2021/08/10 12:1 p.m.34 views

cloud-init security update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cloud-init packages provide a set of init scripts for cloud instances...

5.5CVSS5.6AI score0.00219EPSS
Exploits0
Rockylinux
Rockylinux
added 2021/06/29 1:58 p.m.19 views

cloud-init bug fix and enhancement update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cloud-init packages provide a set of init scripts for cloud instances...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
added 2021/06/29 1:58 p.m.26 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: Intermittent failure to start cloud-init due to failu...

1.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/29 1:6 p.m.45 views

Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine

An unpatched security vulnerability affecting Google's Compute Engine platform could be abused by an attacker to take over virtual machines over the network. "This is done by impersonating the metadata server from the targeted virtual machine's point of view," security researcher Imre Rad said in...

0.6AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 4:46 p.m.42 views

Security Bulletin: Vulnerabilities in OpenSSH affect GPFS V3.5 for Windows (CVE-2016-0777, CVE-2016-0778)

Summary An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects OpenSSH for GPFS V3.5. Vulnerability Details CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by a client...

8.1CVSS0.4AI score0.63468EPSS
Exploits3Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2019:3191-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS5.3AI score0.01403EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2019:3096-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS5.3AI score0.01403EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2019:3097-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS5.3AI score0.01403EPSS
Exploits0References2
NVD
NVD
added 2021/05/20 2:15 p.m.9 views

CVE-2020-24396

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

7.5CVSS0.0185EPSS
Exploits0References3
Prion
Prion
added 2021/05/20 2:15 p.m.20 views

Hardcoded credentials

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

5CVSS7.6AI score0.0185EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/05/20 1:20 p.m.19 views

CVE-2020-24396

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

7.6AI score0.0185EPSS
Exploits0References3
CVE
CVE
added 2021/05/20 1:20 p.m.61 views

CVE-2020-24396

CVE-2020-24396 affects homee Brain Cube v2 (firmware 2.28.2 and 2.28.4). The issue is that sensitive SSH keys are stored within downloadable and unencrypted firmware images, enabling remote attackers to use the support server as a SOCKS proxy. Documented impact is exposure of credentials and pote...

7.5CVSS7.5AI score0.0185EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/05/20 12:0 a.m.6 views

PT-2021-11032 · Homee · Homee Brain Cube

Name of the Vulnerable Software and Affected Versions: homee Brain Cube v2 versions 2.28.2 through 2.28.4 Description: The issue allows remote attackers to use the support server as a SOCKS proxy due to sensitive SSH keys being present within downloadable and unencrypted firmware images...

7.5CVSS7.4AI score0.0185EPSS
Exploits0References4
Metasploit
Metasploit
added 2021/05/18 5:42 p.m.87 views

SaltStack Salt Information Gatherer

This module gathers information from SaltStack Salt masters and minions. Data gathered from minions: 1. salt minion config file Data gathered from masters: 1. minion list denied, pre, rejected, accepted 2. minion hostname/ip/os depending on module settings 3. SLS 4. roster, any SSH keys are...

6.8AI score
Exploits0
AlmaLinux
AlmaLinux
added 2021/05/18 5:9 p.m.14 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: AliyunRHEL8.4cloud-init cloud-init service failed to...

2.5AI score
Exploits0
AlmaLinux
AlmaLinux
added 2021/04/06 1:31 p.m.17 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: SUSE specific option, STARTMODE, should not exist in...

2AI score
Exploits0
Kitploit
Kitploit
added 2021/04/02 11:30 a.m.64 views

SecretScanner - Find Secrets And Passwords In Container Images And File Systems

Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets? Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure such as accounts, devices, network, cloud based services,...

7.1AI score
Exploits0References3
Prion
Prion
added 2020/12/29 11:15 p.m.13 views

Hardcoded credentials

Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through SSH...

10CVSS9.4AI score0.01544EPSS
Exploits1References1
Rows per page
Query Builder