CVE-2024-5651

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

Living off the land with Bluetooth PAN

TL:DR Bluetooth is enabled by default on the majority of Windows laptops Bluetooth PAN can be used to bridge connections locally between a client laptop and attacking device Attackers can use Microsoft native SSH client to forward out internal network traffic Windows native SSH is accessible to...

PT-2024-36825 · Unknown · Fence Agents Remediation Operator

Name of the Vulnerable Software and Affected Versions: Fence Agents Remediation operator affected versions not specified Description: A flaw was found in the Fence Agents Remediation operator, allowing a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the...

ArubaOS 10.4.x < 10.4.1.4, 10.6.x < 10.6.0.1 Multiple Vulnerabilities (HPESBNW04678)

The version of ArubaOS installed on the remote host is affected by multiple vulnerabilities: - In OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an...

WinSCP < 6.3.3 Key Recovery Attack Vulnerability

The version of WinSCP installed on the remote Windows host is prior to 6.3.3. It is, therefore, affected by a key recovery attack vulnerability. In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in...

FreeBSD : soft-serve -- Remote code execution vulnerability (8c342a6c-563f-11ef-a77e-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8c342a6c-563f-11ef-a77e-901b0e9408dc advisory. soft-serve team reports: Arbitrary code execution by crafting git ssh requests It is possible for a use...

Open WebUI 0.1.105 File Upload / Path Traversal Vulnerabilities

Title: Open WebUI Arbitrary File Upload + Path Traversal Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-006.txt 1. Vulnerability Details Affected Vendor: Open WebUI Affected Product: Open WebUI Affected Version: 0.1.105 Platform: Debian 12 CWE Classification: CWE-22:...

Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-2079)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GO-2024-3026 casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification in github.com/casdoor/casdoor

casdoor's use ofssh.InsecureIgnoreHostKey disables host key verification in github.com/casdoor/casdoor...

EulerOS 2.0 SP5 : tigervnc (EulerOS-SA-2024-2077)

According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the...

EulerOS 2.0 SP5 : xorg-x11-server (EulerOS-SA-2024-2079)

According to the versions of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. Wh...

Fedora: Security Advisory (FEDORA-2024-82547e3e16)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Improper Certificate Validation

github.com/casdoor/casdoor is vulnerable to Improper Certificate Validation. The vulnerability is due to the usage of the ssh.InsecureIgnoreHostKey method in the file viaSSHDialer.go, which disables host key verification and allows attackers to obtain sensitive information via a man-in-the-middle...

ROS-20240805-03

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

Man-In-The-Middle Attack

github.com/mickael-kerjean/filestash is vulnerable to Man-In-The-Middle Attack. The vulnerability is due to the usage of ssh.InsecureIgnoreHostKey function, which disables host key verification, allowing attackers to obtain sensitive information via a man-in-the-middle attack...

The vulnerability of the SSH service on the SmartOS operating system, specifically the AdTran SRG 834-5 Wi-Fi routers, allows a hacker to execute arbitrary operating system commands.

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the use of strictly encrypted login credentials. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating system...

casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification

An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...

GHSA-67FW-W8F2-88WP casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification

An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...

CVE-2024-41264

An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...

soft-serve -- Remote code execution vulnerability

soft-serve team reports: Arbitrary code execution by crafting git ssh requests It is possible for a user who can commit files to a repository hosted by Soft Serve to execute arbitrary code via environment manipulation and Git...