
14823 matches found

RedhatCVE
added 2025/07/04 6:1 a.m. · 3 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values, where OpenSSL uses 0 to indicate failure and libssh uses 0 for success, the function may mistakenl...

8.8 CVSS · 6.2 AI score · 0.00407 EPSS
Exploits 0 · References 3
CNNVD
added 2025/07/04 12:0 a.m. · 3 views

libssh Security Vulnerability

libssh is a C development package from the libssh organization for accessing SSH services, which is capable of executing remote commands, file transfers, as well as providing a secure transport channel for remote programs. A security vulnerability exists in libssh that stems from an inconsistent...

8.8 CVSS · 7.4 AI score · 0.00407 EPSS
Exploits 0 · References 6
CNVD
added 2025/07/04 12:0 a.m. · 3 views

Cisco Unified Communications Manager Static SSH Credentials Vulnerability

Cisco Unified Communications Manager is a call processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A static SSH credentials vulnerability exists in Cisco Unified...

10 CVSS · 7.8 AI score · 0.00998 EPSS
Exploits 0 · References 1
GithubExploit
added 2025/07/03 8:2 p.m. · 379 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

CVE-2025-6543 Citrix NetScaler PoC Multi-host, multi-port scann...

9.8 CVSS · 7.4 AI score · 0.09756 EPSS
Exploits 4
Snyk
added 2025/07/03 2:22 p.m. · 3 views

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the fileUploadHandler process. An attacker can write arbitrary files to the filesystem by supplying crafted values to the fc.Name parameter, which is not properly sanitized, allowing directory traversal. This c...

8.6 CVSS · 8.3 AI score
Exploits 0 · References 2
Vulnrichment
added 2025/07/02 4:39 p.m. · 5 views

CVE-2025-20309 Cisco Unified Communications Manager Static SSH Credentials Vulnerability

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that...

10 CVSS · 8.1 AI score · 0.00998 EPSS
Exploits 0 · References 1
CVE
added 2025/07/02 4:39 p.m. · 87 views

CVE-2025-20309

CVE-2025-20309 affects Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). The root cause is static, hardcoded root credentials that cannot be changed or deleted, enabling an unauthenticated, remote attacker to log in using the root accoun...

10 CVSS · 7.6 AI score · 0.00998 EPSS
Exploits 0 · References 1 · Affected Software 1
NVD
added 2025/07/02 12:15 p.m. · 7 views

CVE-2024-35164

The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be...

7.5 CVSS · 0.00424 EPSS
Exploits 0 · References 2
Cvelist
added 2025/07/02 11:23 a.m. · 7 views

CVE-2024-35164 Apache Guacamole: Improper input validation of console codes

The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be...

6.8 CVSS · 0.00424 EPSS
Exploits 0 · References 1
NVD
added 2025/07/02 9:15 a.m. · 4 views

CVE-2025-24332

Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...

7.1 CVSS · 0.00169 EPSS
Exploits 0 · References 1
Vulnrichment
added 2025/07/02 8:31 a.m. · 5 views

CVE-2025-24332 Authenticated admin user can connect baseband internally from one board to another without needing to re-authentication

Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...

6.2 AI score · 0.00169 EPSS
Exploits 0 · References 1
Cvelist
added 2025/07/02 8:31 a.m. · 9 views

CVE-2025-24332 Authenticated admin user can connect baseband internally from one board to another without needing to re-authentication

Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...

0.00169 EPSS
Exploits 0 · References 1
CVE
added 2025/07/02 8:31 a.m. · 18 views

CVE-2025-24332

Nokia Single RAN AirScale baseband prior to 23R4-SR 3.0 MP is affected. An authenticated administrative user can move laterally across baseband boards via the internal bsoc SSH over the baseband backplane, using an SSH private key on the baseband system board, without re-authentication. This effe...

7.1 CVSS · 6.2 AI score · 0.00169 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/07/02 12:0 a.m. · 2 views

PT-2025-27610 · Nokia · Nokia Single Ran Airscale Baseband

Name of the Vulnerable Software and Affected Versions: Nokia Single RAN AirScale baseband versions prior to 23R4-SR 3.0 MP Description: The issue allows an authenticated administrative user to access all physical boards after a single login to the baseband system board, without re-authentication...

7.1 CVSS · 6 AI score · 0.00169 EPSS
Exploits 0 · References 4
Redos
added 2025/07/01 12:0 a.m. · 4 views

ROS-20250630-02

The vulnerability of HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to the fact that the validprincipals and defaultuser fields of the SSH secrets mechanism configuration are not set. Exploitation of the vulnerability could allow an attacker acting...

8.8 CVSS · 7.9 AI score · 0.00271 EPSS
Exploits 0
Fedora
added 2025/06/27 1:22 a.m. · 6 views

[SECURITY] Fedora 42 Update: libssh-0.11.2-1.fc42

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.1 CVSS · 7.5 AI score · 0.02394 EPSS
Exploits 0
IBM Security Bulletins
added 2025/06/25 4:20 p.m. · 7 views

Security Bulletin: IBM Storage Fusion Data Foundation may be affected by a vulnerability in SSH servers for FTP (CVE-2025-22869)

Summary: A vulnerability in SSH servers with file transfer protocol capability can be exploited to cause a denial of service (DoS). The vulnerability may affect the product IBM Storage Fusion Data Foundation. CVE-2025-22869. Vulnerability Details: CVEID: CVE-2025-22869 DESCRIPTION: SSH servers which implement...

7.5 CVSS · 7 AI score · 0.00868 EPSS
Exploits 0 · Affected Software 1
BDU FSTEC
added 2025/06/25 12:0 a.m. · 3 views

The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller (NDFC) and the Cisco Nexus Dashboard platform for analyzing and automating cloud-based data center operations allows attackers to impersonate other users and obtain encrypted user credentials.

The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller (NDFC) and the Cisco Nexus Dashboard cloud network analytics and automation platform is related to insufficient security checks for the protected connection. Exploiting this vulnerability allows a...

8.7 CVSS · 5.5 AI score · 0.00365 EPSS
Exploits 0 · References 2 · Affected Software 1
ATTACKERKB
added 2025/06/24 2:15 p.m. · 4 views

CVE-2025-5318

A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftphandle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...

8.1 CVSS · 5.6 AI score · 0.02394 EPSS
Exploits 0 · References 29
Redos
added 2025/06/24 12:0 a.m. · 5 views

ROS-20250624-14

A vulnerability in the SSH server of the Golang programming language is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5 CVSS · 9.4 AI score · 0.00868 EPSS
Exploits 0