14823 matches found

Vulnrichment
added 2025/03/13 12:47 p.m. | 9 views

CVE-2025-2277

Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13 and earlier allows a user to inadvertently leak his SSH password due to missing password masking...

AI score 7.2 | EPSS 0.00515
Exploits 0 | References 1

Cvelist
added 2025/03/13 12:47 p.m. | 23 views

CVE-2025-2277

Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13 and earlier allows a user to inadvertently leak his SSH password due to missing password masking...

EPSS 0.00515
Exploits 0 | References 1

RedhatCVE
added 2025/03/13 3:46 a.m. | 31 views

CVE-2025-26701

An issue was discovered in Percona PMM Server OVA before 3.0.0-1.ova. The default service account credentials can lead to SSH access, use of Sudo to root, and sensitive data exposure. This is fixed in PMM2 2.42.0-1.ova, 2.43.0-1.ova, 2.43.1-1.ova, 2.43.2-1.ova, and 2.44.0-1.ova and in PMM3...

CVSS 10 | AI score 6.6 | EPSS 0.00441
Exploits 0 | References 1

RedhatCVE
added 2025/03/12 10:49 a.m. | 6 views

CVE-2025-27256

Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to a missing SSH server authentication. Since the client connection is not authenticated, an attacker may perform a man-in-the-middle attack on the network...

CVSS 8.3 | AI score 6.7 | EPSS 0.00266
Exploits 0 | References 1

NVD
added 2025/03/11 6:15 p.m. | 27 views

CVE-2025-26701

An issue was discovered in Percona PMM Server OVA before 3.0.0-1.ova. The default service account credentials can lead to SSH access, use of Sudo to root, and sensitive data exposure. This is fixed in PMM2 2.42.0-1.ova, 2.43.0-1.ova, 2.43.1-1.ova, 2.43.2-1.ova, and 2.44.0-1.ova and in PMM3...

CVSS 10 | EPSS 0.00441
Exploits 0 | References 1

Vulnrichment
added 2025/03/11 12:0 a.m. | 29 views

CVE-2025-26701

An issue was discovered in Percona PMM Server OVA before 3.0.0-1.ova. The default service account credentials can lead to SSH access, use of Sudo to root, and sensitive data exposure. This is fixed in PMM2 2.42.0-1.ova, 2.43.0-1.ova, 2.43.1-1.ova, 2.43.2-1.ova, and 2.44.0-1.ova and in PMM3...

CVSS 10 | AI score 9.2 | EPSS 0.00441
Exploits 0 | References 1

Cvelist
added 2025/03/11 12:0 a.m. | 21 views

CVE-2025-26701

An issue was discovered in Percona PMM Server OVA before 3.0.0-1.ova. The default service account credentials can lead to SSH access, use of Sudo to root, and sensitive data exposure. This is fixed in PMM2 2.42.0-1.ova, 2.43.0-1.ova, 2.43.1-1.ova, 2.43.2-1.ova, and 2.44.0-1.ova and in PMM3...

CVSS 10 | EPSS 0.00441
Exploits 0 | References 1

CVE
added 2025/03/11 12:0 a.m. | 77 views

CVE-2025-26701

CVE-2025-26701 (Percona PMM Server, OVA) affects PMM Server images prior to 3.0.0-1.ova. The issue arises from default service account credentials, enabling SSH access and the use of sudo to gain root privileges, which can lead to exposure of sensitive data. Public references indicate fixes in PM...

CVSS 10 | AI score 6.7 | EPSS 0.00441
Exploits 0 | References 1

NVD
added 2025/03/10 9:15 a.m. | 6 views

CVE-2025-27256

Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to a missing SSH server authentication. Since the client connection is not authenticated, an attacker may perform a man-in-the-middle attack on the network...

CVSS 8.3 | EPSS 0.00266
Exploits 0 | References 2

Vulnrichment
added 2025/03/10 9:5 a.m. | 5 views

CVE-2025-27256

Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to a missing SSH server authentication. Since the client connection is not authenticated, an attacker may perform a man-in-the-middle attack on the network...

CVSS 8.3 | AI score 7 | EPSS 0.00266
Exploits 0 | References 2

CVE
added 2025/03/10 9:5 a.m. | 57 views

CVE-2025-27256

CVE-2025-27256 concerns a Missing Authentication for Critical Function vulnerability in the GE Vernova Enervista UR Setup application. The issue is described as an authentication bypass caused by a missing SSH server authentication, which could allow an attacker with an unauthenticated client con...

CVSS 8.3 | AI score 7 | EPSS 0.00266
Exploits 0 | References 2

Fedora
added 2025/03/10 1:26 a.m. | 23 views

[SECURITY] Fedora 40 Update: podman-tui-1.4.0-1.fc40

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environment and SSH to connect to remote podman machines...

CVSS 8.7 | AI score 7.4 | EPSS 0.00369
Exploits 0

Fedora
added 2025/03/10 1:15 a.m. | 17 views

[SECURITY] Fedora 41 Update: podman-tui-1.4.0-1.fc41

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environment and SSH to connect to remote podman machines...

CVSS 8.7 | AI score 7.4 | EPSS 0.00369
Exploits 0

Tenable Nessus
added 2025/03/10 12:0 a.m. | 11 views

CBL Mariner 2.0 Security Update: cert-manager / cf-cli / docker-buildx / docker-compose / kubernetes / kubevirt / moby-compose (CVE-2025-22869)

The version of cert-manager / cf-cli / docker-buildx / docker-compose / kubernetes / kubevirt / moby-compose installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22869 advisory. - SSH servers which...

CVSS 7.5 | AI score 6.9 | EPSS 0.00868
Exploits 0 | References 2

OSV
added 2025/03/07 3:26 p.m. | 2 views

OESA-2025-1236 rust security update

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator. Security Fixes: Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not...

CVSS 7.9 | AI score 6.8 | EPSS 0.00763
Exploits 0 | References 3

Veracode
added 2025/03/07 6:39 a.m. | 8 views

Authentication Bypass

github.com/minio/minio is vulnerable to Authentication bypass. The vulnerability is due to improper enforcement of SSH key validation when using LDAP as an external identity provider, allowing unauthorized access if the sshPublicKey attribute is missing...

CVSS 8.2 | AI score 7.1 | EPSS 0.00512
Exploits 0 | References 3 | Affected Software 1

RedhatCVE
added 2025/03/07 1:25 a.m. | 6 views

CVE-2024-53458

Sysax Multi Server 6.99 is vulnerable to a denial of service (DoS) condition when processing specially crafted SSH packets...

CVSS 7.5 | AI score 7 | EPSS 0.00489
Exploits 1 | References 1

OSV
added 2025/03/06 7:47 p.m. | 2 views

CLSA-2025-1741290429 openssh: Fix of CVE-2025-26465

CVE-2025-26465: fix a machine-in-the-middle attack vulnerability caused by a malicious machine impersonating a legitimate server...

CVSS 6.8 | AI score 7.1 | EPSS 0.06997
Exploits 4 | References 1

Mageia
added 2025/03/06 5:56 p.m. | 24 views

Updated erlang packages fix security vulnerability

SSH SFTP packet size not verified properly in Erlang OTP. CVE-2025-26618...

CVSS 7 | AI score 7.3 | EPSS 0.00445
Exploits 0 | References 2

OSV
added 2025/03/06 5:56 p.m. | 8 views

MGASA-2025-0088 Updated erlang packages fix security vulnerability

SSH SFTP packet size not verified properly in Erlang OTP. CVE-2025-26618...

CVSS 7 | AI score 7.1 | EPSS 0.00445
Exploits 0 | References 3