CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14864 matches found

F5 Networks•added 2023/04/14 7:21 a.m.•48 views

K000133517: OpenSSH vulnerability CVE-2023-28531

Security Advisory Description ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. CVE-2023-28531 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

9.8CVSS6.5AI score0.02138EPSS

Exploits0

NVD•added 2023/04/13 7:15 p.m.•13 views

CVE-2023-22948

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access to an SSH private key. Any code that runs as the tigergraph user is able to read the SSH private key. With this, an attacker is granted password-less SSH access to all machines in the TigerGraph...

4.9CVSS5AI score0.0044EPSS

Exploits1References2

Prion•added 2023/04/13 7:15 p.m.•17 views

Code injection

3.3CVSS5AI score0.0044EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/04/13 12:0 a.m.•6 views

CVE-2023-22948

7AI score0.0044EPSS

Exploits1References2

CVE•added 2023/04/13 12:0 a.m.•308 views

CVE-2023-22948

CVE-2023-22948 affects TigerGraph Enterprise Free Edition 3.x, where an SSH private key is read-accessible by any code running as the tigergraph user. This leads to passwordless SSH access to all machines in the TigerGraph cluster, as described in multiple sources. The root cause is unsecured rea...

4.9CVSS5AI score0.0044EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/04/13 12:0 a.m.•15 views

CVE-2023-22948

5.3AI score0.0044EPSS

Exploits1References2

Positive Technologies•added 2023/04/13 12:0 a.m.•7 views

PT-2023-18790 · Tigergraph · Tigergraph Enterprise Free Edition

Name of the Vulnerable Software and Affected Versions: TigerGraph Enterprise Free Edition versions 3.x Description: The issue allows for unsecured read access to an SSH private key. Any code running as the tigergraph user can read the SSH private key, granting an attacker password-less SSH access...

4.9CVSS5AI score0.0044EPSS

Exploits1References3

Talos•added 2023/04/13 12:0 a.m.•39 views

Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability

Talos Vulnerability Report TALOS-2023-1692 Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability April 13, 2023 CVE Number CVE-2023-0896 SUMMARY A hard-coded password vulnerability exists in the SSH, telnet functionality of Lenovo Group Ltd. Smart Clock Essential 4.9.113. ...

8.8CVSS8.9AI score0.00405EPSS

Exploits0

ATTACKERKB•added 2023/04/12 6:38 p.m.•1 views

CVE-2023-1944

This vulnerability enables ssh access to minikube container using a default password...

8.4CVSS7.1AI score0.00214EPSS

Exploits0References2

Positive Technologies•added 2023/04/12 12:0 a.m.•5 views

PT-2023-3150 · Minikube · Minikube

Name of the Vulnerable Software and Affected Versions: minikube affected versions not specified Description: The issue is related to information disclosure in the minikube tool, which can allow an attacker to elevate their privileges. It enables ssh access to the minikube container using a defaul...

8.4CVSS7.5AI score0.00214EPSS

Exploits0References6

OpenVAS•added 2023/04/12 12:0 a.m.•18 views

Linux: BSI TR-02102-4 Encryption Algorithms

Recommended SSH encryption ciphers from TR-02102-4. Per the recommendations, AEADAES128GCM or AEADAES256GCM should be utilized when possible. Other ciphers accepted by the recommendations are aes128-ctr, aes192-ctr, and aes256-ctr. Note: This check fails if any algorithms are found that are not...

5.9AI score

Exploits0References2

OSV•added 2023/04/11 10:15 a.m.•1 views

CVE-2023-29054

A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...

7.4CVSS7AI score0.00256EPSS

Exploits0References1

NVD•added 2023/04/11 10:15 a.m.•17 views

CVE-2023-29054

7.4CVSS6.6AI score0.00256EPSS

Exploits0References1

Prion•added 2023/04/11 10:15 a.m.•19 views

Design/Logic Flaw

4CVSS7.1AI score0.00256EPSS

Exploits0References1Affected Software13

OSV•added 2023/04/11 9:15 a.m.•3 views

CVE-2023-28368

TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQUNV11.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential...

5.7CVSS5.8AI score0.00265EPSS

Exploits0References2

NVD•added 2023/04/11 9:15 a.m.•18 views

CVE-2023-28368

5.7CVSS5.4AI score0.00265EPSS

Exploits0References2

Prion•added 2023/04/11 9:15 a.m.•14 views

Design/Logic Flaw

2.9CVSS5.4AI score0.00265EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/04/11 9:3 a.m.•9 views

CVE-2023-29054

6.7CVSS6.8AI score0.00256EPSS

Exploits0References1

CVE•added 2023/04/11 12:0 a.m.•53 views

CVE-2023-28368

The CVE concerns TP-Link L2 switch T2600G-28SQ. Affected firmware versions prior to T2600G-28SQ(UN)_V1_1.0.6 Build 20230227 use vulnerable SSH host keys, enabling a fake device to spoof the legitimate unit. If an administrator is tricked into logging into the impersonator, credential information ...

5.7CVSS5.4AI score0.00265EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/04/11 12:0 a.m.•8 views

CVE-2023-28368

5.4AI score0.00265EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by