
838 matches found

CVE
added 2023/06/29 12:0 a.m. · 67 views

CVE-2022-44719

CVE-2022-44719 affects Weblib Ucopia prior to 6.0.13. The vulnerability is in the SSH Server which has insecure permissions, enabling potential unauthorized access and impacting confidentiality (per CVSS vector: HIGH). The issue is documented across multiple sources (e.g., NVD/Red Hat/PRION) with...

CVSS 7.5 · AI score 7.5 · EPSS 0.00073
Exploits 1 · References 2 · Affected Software 1

Positive Technologies
added 2023/06/29 12:0 a.m. · 4 views

PT-2023-14536 · Unknown · Weblib Ucopia

Name of the Vulnerable Software and Affected Versions: Weblib Ucopia versions prior to 6.0.13 Description: An issue was discovered in the SSH Server of Weblib Ucopia, where it has insecure permissions. Recommendations: For versions prior to 6.0.13, update to version 6.0.13 or later to resolve the...

CVSS 7.5 · AI score 7.4 · EPSS 0.00073
Exploits 1 · References 4

Vulnrichment
added 2023/06/29 12:0 a.m. · 7 views

CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

AI score 7.2 · EPSS 0.00073
Exploits 1 · References 2

Cvelist
added 2023/06/29 12:0 a.m. · 14 views

CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

AI score 7.7 · EPSS 0.00073
Exploits 1 · References 2

OSV
added 2023/06/15 11:15 a.m. · 1 views

CVE-2023-28175

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...

CVSS 7.7 · AI score 7.2
Exploits 0 · References 1

NVD
added 2023/06/15 11:15 a.m. · 11 views

CVE-2023-28175

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...

CVSS 7.7 · AI score 6.8 · EPSS 0.00192
Exploits 0 · References 1

Prion
added 2023/06/15 11:15 a.m. · 15 views

Authorization

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...

CVSS 4 · AI score 7.2 · EPSS 0.00192
Exploits 0 · References 1 · Affected Software 9

CVE
added 2023/06/15 10:14 a.m. · 37 views

CVE-2023-28175

CVE-2023-28175 concerns Bosch VMS, where the SSH server permits a remote authenticated user to access resources on the trusted internal network via a port forwarding request due to improper authorization. Affected products are Bosch VMS versions 11.0, 11.1.0, and 11.1.1. The CVE entry is corrobor...

CVSS 7.7 · AI score 7.2 · EPSS 0.00192
Exploits 0 · References 1 · Affected Software 2

Cvelist
added 2023/06/15 10:14 a.m. · 13 views

CVE-2023-28175

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...

CVSS 7.1 · AI score 7.4 · EPSS 0.00192
Exploits 0 · References 1

RedHat Linux
added 2023/06/07 2:8 a.m. · 3 views

golang: crash in a golang.org/x/crypto/ssh server

A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability...

CVSS 7.5 · AI score 6.8 · EPSS 0.00089
Exploits 0 · References 5

Amazon
added 2023/06/06 12:0 a.m. · 30 views

Medium: libssh2

Issue Overview: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. CVE-2019-3859 An out of...

CVSS 9.1 · AI score 7.9 · EPSS 0.01176
Exploits 0

Veracode
added 2023/06/04 9:13 a.m. · 34 views

Information Disclosure

libcurl.so is vulnerable to Information Disclosure. The SSH server's public key is verified with the use of a SHA 256 hash functionality provided by the library, however if the check is unsuccessful, the fingerprint's memory will be released before an error message is returned. This issue puts...

CVSS 7.5 · AI score 6.8 · EPSS 0.0032
Exploits 1 · References 12 · Affected Software 3

NVD
added 2023/05/26 9:15 p.m. · 26 views

CVE-2023-28319

A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...

CVSS 7.5 · AI score 8.4 · EPSS 0.0032
Exploits 1 · References 9

Debian CVE
added 2023/05/26 12:0 a.m. · 55 views

CVE-2023-28319

A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...

CVSS 7.5 · AI score 6.7 · EPSS 0.0032
Exploits 1

AlpineLinux
added 2023/05/26 12:0 a.m. · 96 views

CVE-2023-28319

A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...

CVSS 7.5 · AI score 7.6 · EPSS 0.0032
Exploits 1

Vulnrichment
added 2023/05/24 12:0 a.m. · 8 views

CVE-2023-1944 [minikube] ssh server with default password

This vulnerability enables ssh access to minikube container using a default password...

CVSS 8.4 · AI score 8.2 · EPSS 0.0005
Exploits 0 · References 1

F5 Networks
added 2023/05/18 8:49 p.m. · 27 views

K000134671: Paramiko vulnerability CVE-2018-1000805

Security Advisory Description: Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appears to be exploitable via network connectivity. CVE-2018-1000805 Impact: There is no impact; F5...

CVSS 8.8 · AI score 8.4 · EPSS 0.00905
Exploits 0

UbuntuCve
added 2023/05/17 6:0 a.m. · 40 views

CVE-2023-28319

A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...

CVSS 7.5 · AI score 6.8 · EPSS 0.0032
Exploits 1 · References 2

Tenable Nessus
added 2023/04/21 12:0 a.m. · 21 views

Siemens SCALANCE X-200IRT Devices Inadequate Encryption Strength (CVE-2023-29054)

A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...

CVSS 7.4 · AI score 7.2 · EPSS 0.00155
Exploits 0 · References 3

Positive Technologies
added 2023/04/20 12:0 a.m. · 3 views

PT-2023-9256

Name of the Vulnerable Software and Affected Versions: Gogs versions 0.13.0 and earlier Description: The built-in SSH server of Gogs allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending ...

CVSS 9.9 · AI score 6.3 · EPSS 0.11879
Exploits 3 · References 36