14883 matches found
CVE-2022-34757
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 V01.401.1...
CVE-2022-34757
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 V01.401.1...
Design/Logic Flaw
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 V01.401.1...
CVE-2022-34757
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 V01.401.1...
CVE-2022-34757
CVE-2022-34757 affects Schneider Electric Easergy P5 (V01.401.102 and prior). The issue is CWE-327: Use of a Broken or Risky Cryptographic Algorithm, where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, allowing an attacker to observe protected ...
CVE-2022-34464
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.7.3. The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that fi...
CVE-2022-34464
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.7.3. The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that fi...
Design/Logic Flaw
A vulnerability has been identified in SICAM GridEdge Essential ARM All versions, SICAM GridEdge Essential Intel All versions V2.7.3, SICAM GridEdge Essential with GDS ARM All versions, SICAM GridEdge Essential with GDS Intel All versions V2.7.3. Affected software uses an improperly protected fil...
CVE-2022-34464
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.7.3. The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that fi...
CVE-2022-34464
CVE-2022-34464 affects Siemens SICAM GridEdge (Classic) and GridEdge Essential variants, where an improperly protected file used to import SSH keys can be written by a user with host filesystem access. Affected versions include SICAM GridEdge GridEdge Essential Intel/ARM (all versions before v2.7...
gitea -- multiple issues
The Gitea team reports: Use git.HOMEPATH for Git HOME directory Add write check for creating Commit status Remove deprecated SSH ciphers from default...
Siemens SICAM GridEdge
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM GridEdge Vulnerability: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION The SICAM GridEdge software contains an improper access control vulnerability, which could allow...
[SECURITY] Fedora 36 Update: podman-tui-0.5.0-1.fc36
podman-tui is a terminal user interface for Podman v4. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...
Slackware: Security Advisory (SSA:2022-191-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sneaky New Orbit Malware Backdoors Linux Devices
A sneaky malware for Linux is backdooring devices to steal data and can affect all the processes running on a particular machine, researchers have found. The malware, dubbed Orbit, is unlike other Linux threats in that it steals information from different commands and utilities and then stores th...
SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:2297-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2297-1 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server...
Researchers Warn of New OrBit Linux Malware That Hijacks Execution Flow
Cybersecurity researchers have taken the wraps off a new and entirely undetected Linux threat dubbed OrBit, signally a growing trend of malware attacks geared towards the popular operating system. The malware gets its name from one of the filenames that's utilized to temporarily store the output ...
SUSE: Security Advisory (SUSE-SU-2022:2297-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 9 : curl (ELSA-2022-5245)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5245 advisory. - fix too eager reuse of TLS and SSH connections CVE-2022-27782 - fix leak of SRP credentials in redirects CVE-2022-27774 - fix credential leak on...
SUSE-SU-2022:2297-1 Security update for python-Twisted
This update for python-Twisted fixes the following issues: - CVE-2022-21716: Fixed that ssh server accepts an infinite amount of data using all the available memory bsc1196739...