Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2022-1680)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for shellz (FEDORA-2022-08ae2dd481)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: shellz-1.5.0-6.fc36

Shellz is a small utility to track and control your ssh, telnet, web and cust om shells and tunnels...

EulerOS Virtualization 3.0.2.0 : cloud-init (EulerOS-SA-2022-1682)

According to the versions of the cloud-init package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included 'sshdeletekeys: 0', disabling cloud-init's...

USN-5354-2: Twisted vulnerability

USN-5354-1 fixed vulnerabilities in Twisted. This update provides the corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 22.04 LTS. Original advisory details: It was discovered that Twisted incorrectly processed SSH handshake data on connection establishments. A remote attack...

USN-5354-2 twisted vulnerability

USN-5354-1 fixed vulnerabilities in Twisted. This update provides the corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 22.04 LTS. Original advisory details: It was discovered that Twisted incorrectly processed SSH handshake data on connection establishments. A remote attack...

Ubuntu 16.04 ESM / 22.04 LTS : Twisted vulnerability (USN-5354-2)

The remote Ubuntu 16.04 ESM / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5354-2 advisory. USN-5354-1 fixed vulnerabilities in Twisted. This update provides the corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 22.04 LT...

Slackware: Security Advisory (SSA:2022-120-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BSA-2022-1840

Security Advisory ID : BSA-2022-1840 Component : debug mode Revision : 1.0 An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in...

Exploit for Incorrect Authorization in Polkit_Project Polkit

Exploit for CVE-2021-3560 Polkit - Local Privilege Escalatio...

curl: CVE-2022-27782: TLS and SSH connection too eager reuse

Summary: Curl fails to consider some security related options when reusing TLS connections. For example: - CURLOPTSSLOPTIONS - CURLOPTPROXYSSLOPTIONS - CURLOPTCRLFILE - CURLOPTPROXYCRLFILE As a result for example TLS connection with lower security CURLSSLOPTALLOWBEAST, CURLSSLOPTNOREVOKE connecti...

CVE-2022-29810

A flaw was found in go-getter, where the go-getter library can write SSH credentials into its log file. This flaw allows a local user with access to read log files to read sensitive credentials, which may lead to privilege escalation or account takeover...

IBM Java 6.0 < 6.0.16.41 / 6.1 < 6.1.8.41 / 7.0 < 7.0.10.1 / 7.1 < 7.1.4.1 / 8.0 < 8.0.4.1 Multiple Vulnerabilities

The version of IBM Java installed on the remote host is prior to 6.0 6.0.16.41 / 6.1 6.1.8.41 / 7.0 7.0.10.1 / 7.1 7.1.4.1 / 8.0 8.0.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle January 17 2017 CPU advisory. - The DES and Triple DES ciphers, as used in t...

Fedora: Security Advisory for shellz (FEDORA-2022-3a63897745)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: shellz-1.5.0-6.fc34

Shellz is a small utility to track and control your ssh, telnet, web and cust om shells and tunnels...

[SECURITY] Fedora 35 Update: shellz-1.5.0-6.fc35

Shellz is a small utility to track and control your ssh, telnet, web and cust om shells and tunnels...

Information Disclosure

github.com/hashicorp/go-getter is vulnerable to information disclosure. The vulnerability exists in the RedactURL function of url.go, allowing an attacker to read or write SSH credentials through the log file...

GHSA-27RQ-4943-QCWP Insertion of Sensitive Information into Log File in Hashicorp go-getter

The Hashicorp go-getter library before 1.5.11 could write SSH credentials into its logfile, exposing sensitive credentials to local users able to read the logfile...

Insertion of Sensitive Information into Log File in Hashicorp go-getter

The Hashicorp go-getter library before 1.5.11 could write SSH credentials into its logfile, exposing sensitive credentials to local users able to read the logfile...

GHSA-WM2R-RP98-8PMH Exposure of SSH credentials in Rancher/Fleet

Impact This vulnerability only affects customers using Fleet for continuous delivery with authenticated Git and/or Helm repositories. A security vulnerability CVE-2022-29810 was discovered in go-getter library in versions prior to v1.5.11 that exposes SSH private keys in base64 format due to a...