
14829 matches found

CVE
added 2024/06/27 6:31 p.m. | 57 views

CVE-2024-4578

CVE-2024-4578 affects Arista Wireless Access Points. An SSH session authenticated as the config user can escalate privileges to root by spawning a bash shell; exploitation requires knowledge of the config password. The issue affects Arista Wi‑Fi AP software trains 13.0.2.x (13.0.2-28-vv1101 and l...

CVSS 8.4 | AI score 8.5 | EPSS 0.00491
Exploits: 0 | References: 1

OpenVAS
added 2024/06/27 12:0 a.m. | 20 views

WinSCP Terrapin Vulnerability - Windows

WinSCP is prone to a Terrapin vulnerability SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:winscp:winscp"; ifdescription...

CVSS 5.9 | AI score 7.2 | EPSS 0.94072
Exploits: 4 | References: 1

IBM Security Bulletins
added 2024/06/26 10:28 p.m. | 60 views

Security Bulletin: IBM MQ Appliance vulnerable to "Terrapin" attack in OpenSSH (CVE-2023-48795)

Summary By manipulating sequence numbers during SSH connection setup, a MITM attacker can delete negotiation messages without causing a MAC failure. To mitigate this vulnerability, IBM MQ Appliance has removed the chacha20-poly1305 cipher and all etm HMACs from the default set of algorithms...

CVSS 5.9 | AI score 6.5 | EPSS 0.94072
Exploits: 4 | Affected Software: 1

AstraLinux
added 2024/06/26 1:32 p.m. | 3 views

Astra Linux – Vulnerability in OpenSSH

A security regression CVE-2006-5051 was discovered in OpenSSH’s server sshd. There is a race condition that can cause sshd to handle certain signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger this condition by failing to authenticate within a specified time...

CVSS 8.1 | AI score 6.9 | EPSS 0.99506
Exploits: 68 | References: 3

RedHat Linux
added 2024/06/26 2:6 a.m. | 33 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.31 security update

Red Hat OpenShift Container Platform release 4.14.31 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

CVSS 7.5 | AI score 7.1 | EPSS 0.94072
Exploits: 5 | References: 9

IBM Security Bulletins
added 2024/06/25 5:31 p.m. | 27 views

Security Bulletin: This Power System update is being released to address CVE-2023-48795

Summary This affects the BMC's secure shell SSH interfaces which provides service access to the BMC's command shell, access to the host console, and service access to the hypervisor console. The BMC does not have SSH extensions, so a successful attack will not downgrade client connection security...

CVSS 5.9 | AI score 6.6 | EPSS 0.94072
Exploits: 4

Arista
added 2024/06/25 12:0 a.m. | 44 views

Security Advisory 0098

Security Advisory 0098 . CSAF PDF Date: June 25, 2024 Revision | Date | Changes ---|---|--- 1.0 | June 25, 2024 | Initial release The CVE-ID tracking this issue: CVE-2024-4578 CVSSv3.1 Base Score: 8.4 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Common Weakness Enumeration: CWE-77 Improper...

CVSS 8.4 | AI score 6.7 | EPSS 0.00491
Exploits: 0

Talos
added 2024/06/25 12:0 a.m. | 41 views

Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability

Talos Vulnerability Report TALOS-2024-1947 Tp-Link ER7206 Omada Gigabit VPN Router cliserver debug leftover debug code vulnerability June 25, 2024 CVE Number CVE-2024-21827 SUMMARY A leftover debug code vulnerability exists in the cliserver debug functionality of Tp-Link ER7206 Omada Gigabit VPN...

CVSS 7.2 | AI score 7.2 | EPSS 0.00871
Exploits: 1

Securelist
added 2024/06/24 10:0 a.m. | 18 views

XZ backdoor: Hook analysis

Part 1: XZ backdoor story – Initial analysis Part 2: Assessing the Y, and How, of the XZ Utils incident social engineering Part 3: XZ backdoor. Hook analysis In our first article on the XZ backdoor, we analyzed its code from initial infection to the function hooking it performs. As we mentioned...

AI score 8.6
Exploits: 0

SUSE CVE
added 2024/06/21 3:6 a.m. | 3 views

SUSE CVE-2024-38547

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: sshcss: Fix a null-pointer dereference in loadvideobinaries The allocation failure of mycs-yuvscalerbinary in loadvideobinaries is followed with a dereference of mycs-yuvscalerbinary after the following call chain...

CVSS 4.4 | AI score 6.1 | EPSS 0.00256
Exploits: 0 | References: 13

NVD
added 2024/06/20 11:15 p.m. | 14 views

CVE-2024-32943

An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly...

CVSS 8.7 | EPSS 0.00478
Exploits: 0 | References: 1

CVE
added 2024/06/20 10:12 p.m. | 55 views

CVE-2024-32943

Westermo L210-F2G Lynx (CVE-2024-32943) is affected by an improper control of interaction frequency vulnerability that can cause a denial-of-service by sending many SSH packets repeatedly. The incident is documented across multiple sources as impacting the Westermo L210-F2G Lynx, with the Red Hat...

CVSS 8.7 | AI score 7.4 | EPSS 0.00478
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2024/06/20 10:12 p.m. | 20 views

CVE-2024-32943 Westermo L210-F2G Lynx Improper Control of Interaction Frequency

An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly...

CVSS 8.7 | EPSS 0.00478
Exploits: 0 | References: 1

Vulnrichment
added 2024/06/20 10:12 p.m. | 21 views

CVE-2024-32943 Westermo L210-F2G Lynx Improper Control of Interaction Frequency

An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly...

CVSS 8.7 | AI score 6.7 | EPSS 0.00478
Exploits: 0 | References: 1

OpenVAS
added 2024/06/20 12:0 a.m. | 6 views

PostgreSQL Detection Consolidation

Consolidation of PostgreSQL detections. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.128025";...

AI score 7.3
Exploits: 0 | References: 1

Positive Technologies
added 2024/06/20 12:0 a.m. | 4 views

PT-2024-4333 · Westermo · Westermo L210-F2G Lynx

Name of the Vulnerable Software and Affected Versions: Westermo L210-F2G Lynx affected versions not specified Description: The issue is related to insufficient control over interaction frequency, allowing a remote attacker to cause a denial-of-service condition by sending many SSH packets...

CVSS 8.7 | AI score 6.2 | EPSS 0.00478
Exploits: 0 | References: 8

RedHat Linux
added 2024/06/19 3:4 p.m. | 39 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.14.30 packages and security update

Red Hat OpenShift Container Platform release 4.14.30 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

CVSS 5.9 | AI score 7 | EPSS 0.94072
Exploits: 4 | References: 2

OSV
added 2024/06/19 2:15 p.m. | 0 views

UBUNTU-CVE-2024-38547

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: sshcss: Fix a null-pointer dereference in loadvideobinaries The allocation failure of mycs-yuvscalerbinary in loadvideobinaries is followed with a dereference of mycs-yuvscalerbinary after the following call chain...

CVSS 5.5 | AI score 6 | EPSS 0.00256
Exploits: 0 | References: 21

Tenable Nessus
added 2024/06/19 12:0 a.m. | 24 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.30 (RHSA-2024:3918)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3918 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

CVSS 5.9 | AI score 7.1 | EPSS 0.94072
Exploits: 4 | References: 5

The Hacker News
added 2024/06/18 9:41 a.m. | 33 views

New Malware Targets Exposed Docker APIs for Cryptocurrency Mining

Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docker API endpoints with the aim of delivering cryptocurrency miners and other payloads. Included among the tools deployed is a remote access tool that's capable of downloading and executing more...

AI score 7.8
Exploits: 0