838 matches found
CVE-2021-34718
Cisco IOS XR Software contains an Arbitrary File Read/Write vulnerability in the SSH Server, exploitable by an authenticated, remote attacker via crafted SCP parameters during login. The issue stems from insufficient input validation of user-supplied arguments for the SCP file-transfer method, en...
Cisco IOS XR Software Arbitrary File Read and Write Vulnerability
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...
The vulnerability of the SSH server on the ROSA KOBALT operating system lies in the use of weak encryption algorithms such as RC4 and Blowfish. This allows attackers to circumvent cryptographic security measures.
The vulnerability of the SSH server on the ROSA KOBALT operating system is related to the use of weak encryption algorithms such as RC4 and Blowfish. Exploiting this vulnerability allows a remote attacker to circumvent the cryptographic security measures...
ReverseSSH - Statically-linked Ssh Server With Reverse Shell Functionality For CTFs And Such
A statically-linked ssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges, CTFs or similar. Has been developed and was extensively used during OSCP exam preparation. Get the latest Release Features Catching a reverse shell with...
CVE-2020-9283
A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server...
Sifchain: SSH server due to Improper Signature Verification
I found that you are using golang.org/x/[email protected] which has a vulnerability that was fixed in this version golang.org/x/[email protected] but that vulnerability is: golang.org/x/crypto/ssh is an SSH client and server Version...
CVE-2021-1572
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exist...
Cisco Network Services Orchestrator CLI Secure Shell Server Privilege Escalation Vulnerability
A vulnerability in Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which Cisco NSO is running, which is root by default. To exploit this vulnerability, an attacker must have a valid account on an...
Cisco ConfD Security Vulnerability
Cisco ConfD is a management software from Cisco USA. A security vulnerability exists in Cisco ConfD that stems from the affected software incorrectly running SFTP user services with a privileged user enabled CLI when ConfD's built-in SSH server is running. The vulnerability allows an authenticate...
PT-2021-3760
Name of the Vulnerable Software and Affected Versions: SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows versions prior to 15.2.3 HF2. Description: A remote code execution vulnerability in the SolarWinds Serv-U product allows a threat actor to gain privileged access to the...
Advisory ROSA-SA-2021-1893
Software: libssh2 1.8.0 OS: Cobalt 7.9 CVE-ID: CVE-2019-13115 CVE-Crit: HIGH CVE-DESC: In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that can cause out-of-range reads when reading packets from the server. A remote attacker...
Sick Visionary-S CX Information Disclosure Vulnerability
SICK Visionary-S CX is a 3D vision sensor from SICK, Germany. It provides direct output of color and depth values via Ethernet. The SICK Visionary-S CX has a security vulnerability in versions prior to 5.21.2.29154R, which can be exploited by an attacker with a weak password to more easily...
Exploit for Incorrect Authorization in Polkit_Project Polkit
CVE-2021-3560 PoC polkit exploit script. Automated script for...
SUSE: Security Advisory (SUSE-SU-2018:2777-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2016:0120-1)
The remote host is missing an update for the...
Sish - HTTP(S)/WS(S)/TCP Tunnels To Localhost Using Only SSH
An open source serveo/ngrok alternative. Deploy: Builds are made automatically for each commit to the repo and are pushed to Dockerhub. Builds are tagged using a commit sha, branch name, tag, latest if released on main. You can find a list here. Each release builds separate sish binaries that can ...
EulerOS Virtualization 2.9.1 : python-paramiko (EulerOS-SA-2021-1734)
According to the version of the python-paramiko package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability: Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control vulnerability in SSH...
EulerOS Virtualization 2.9.0 : python-paramiko (EulerOS-SA-2021-1761)
According to the version of the python-paramiko package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability: Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control vulnerability in SSH...
Huawei EulerOS: Security Advisory for python-paramiko (EulerOS-SA-2021-1734)
The remote host is missing an update for the Huawei EulerOS...