14869 matches found
CVE-2022-34425
Dell Enterprise SONiC OS versions 4.0.0–4.0.1 are affected by a cryptographic-key vulnerability in SSH caused by a hardcoded key, enabling an unauthenticated remote attacker to potentially access communications. The connected PT-2022-5021 entry provides concrete details and recommends immediate m...
CVE-2022-20920
CVE-2022-20920 affects Cisco IOS Software and Cisco IOS XE Software. It is a DoS vulnerability in the SSH implementation caused by improper resource handling during exceptional conditions. A remote, authenticated attacker can repeatedly connect and send specific SSH requests to force a device rel...
CVE-2022-20920 Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit thi...
USN-5666-1: OpenSSH vulnerability
It was discovered that OpenSSH incorrectly handled certain helper programs. An attacker could possibly use this issue to execute arbitrary code...
CVE-2022-33874
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in SSH login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the...
FortiTester - Unauthenticated command injection
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Console, Telnet, and SSH login components of FortiTester may allow an unauthenticated remote attacker to execute arbitrary command in the underlying shell...
EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2022-2551)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated...
Cisco IOS XE Software SSH DoS (cisco-sa-ssh-excpt-dos-FzOBQTnk)
According to its self-reported version, Cisco IOS Software and Cisco IOS XE Software is affected by a denial of service vulnerability. An authenticated, remote attacker can exploit this by continuously connecting to an affected device and sending specific SSH requests to cause an affected device t...
Cisco IOS Software SSH DoS (cisco-sa-ssh-excpt-dos-FzOBQTnk)
According to its self-reported version, Cisco IOS Software and Cisco IOS XE Software is affected by a denial of service vulnerability. An authenticated, remote attacker can exploit this by continuously connecting to an affected device and sending specific SSH requests to cause an affected device t...
The vulnerability in the transport.py component of the SSHv2 protocol library for Python Paramiko allows an attacker to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the transport.py component in the SSHv2 protocol library for Python Paramiko is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service...
Slackware: Security Advisory (SSA:2022-273-03)
The remote host is missing an update for the...
[SECURITY] Fedora 36 Update: kitty-0.26.3-2.fc36
Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-color, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...
CVE-2020-15340
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/defaultaxess/axess/TR69/Handlers/turbolink/sshkeys/idrsa SSH key...
Hardcoded credentials
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/defaultaxess/axess/TR69/Handlers/turbolink/sshkeys/idrsa SSH key...
Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit thi...
Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host...
Rdiffweb Title Denial of Service Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. Provides quick access to your archives through an efficient web interface. A denial of service vulnerability exists in Rdiffweb versions prior to 2.4.8, which stems from the "title" parameter when adding an SSH...
PT-2022-6173
Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software (affected versions not specified). Description: A vulnerability in the SSH implementation could allow an authenticated, remote attacker to cause an affected device to reload. This issue is due to improp...
Denial Of Service (DoS)
rdiffweb is vulnerable to denial of service. The vulnerability exists in prefsshkeys.py because the title length is not limited when adding an SSH key, which allows an attacker to cause an application crash via a malicious input...