Lucene search
K

14899 matches found

OpenVAS
OpenVAS
added 2021/12/16 12:0 a.m.262 views

Diffie-Hellman Ephemeral Key Exchange DoS Vulnerability (SSH, D(HE)ater)

The remote SSH server is supporting Diffie-Hellman ephemeral DHE Key Exchange KEX algorithms and thus could be prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.5CVSS7.4AI score0.23061EPSS
Exploits1References5
CNVD
CNVD
added 2021/12/12 12:0 a.m.16 views

Gryphon Tower Information Disclosure Vulnerability

Gryphon Tower is a wireless router from Gryphon, Inc. Gryphon Tower is vulnerable to an information disclosure vulnerability stemming from the presence of an unprotected ssh private key on the device, which could be exploited by an attacker to gain root access to servers belonging to Gryphon's...

10CVSS3.4AI score0.0199EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/12/11 12:0 a.m.99 views

Apache Log4j Detection (Linux/Unix SSH Login)

SSH login-based detection of Apache Log4j. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...

Exploits0
OpenVAS
OpenVAS
added 2021/12/11 12:0 a.m.56 views

Apache Log4j Detection Consolidation

Consolidation of Apache Log4j detections. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2021/12/10 12:0 a.m.21 views

Unspecified vulnerability in tmate-ssh-server

Tmate-Ssh-Server is a Tmate Ssh server. tmate-ssh-server suffers from a security vulnerability that could be exploited by an attacker to compromise the integrity of session processing or to obtain read and write session IDs from read-only session symbolic links in this directory...

7CVSS4.1AI score0.00254EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/10 12:0 a.m.23 views

Tmate-Ssh-Server Competition Condition Issue Vulnerability

Tmate-Ssh-Server is a Tmate Ssh server. a contention condition issue vulnerability exists in Tmate-Ssh-Server, which can be exploited by attackers to compromise the integrity of session processing...

7CVSS4.5AI score0.00212EPSS
Exploits0References1
NVD
NVD
added 2021/12/09 4:15 p.m.16 views

CVE-2021-20146

An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services...

10CVSS0.0199EPSS
Exploits0References1
Prion
Prion
added 2021/12/09 4:15 p.m.17 views

Design/Logic Flaw

An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services...

10CVSS9.3AI score0.0199EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/12/09 3:21 p.m.39 views

CVE-2021-20146

CVE-2021-20146 describes an information disclosure/privilege escalation on Gryphon Tower devices due to an unprotected SSH private key, enabling potential root access to a Gryphon development server hosted on AWS. Affected component is the device’s SSH key handling; root access to connected infra...

10CVSS9.3AI score0.0199EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/12/09 3:21 p.m.22 views

CVE-2021-20146

An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services...

9.6AI score0.0199EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2021/12/09 12:0 a.m.409 views

MTPutty 1.0.1.21 SSH Password Disclosure

Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/12/09 12:0 a.m.388 views

MTPutty 1.0.1.21 - SSH Password Disclosure

Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2021/12/09 12:0 a.m.20 views

Raspberry Pi OS / Raspbian Default Credentials (SSH)

The remote Raspberry Pi OS / Raspbian system is using known default credentials for the SSH login. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

10CVSS9.7AI score0.15666EPSS
Exploits3References2
0day.today
0day.today
added 2021/12/09 12:0 a.m.357 views

MTPutty 1.0.1.21 - SSH Password Disclosure Vulnerability

Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...

7.4AI score
Exploits0
NVD
NVD
added 2021/12/08 7:15 p.m.16 views

CVE-2021-43399

The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...

7.8CVSS0.01368EPSS
Exploits1References2
CVE
CVE
added 2021/12/08 6:31 p.m.85 views

CVE-2021-43399

Summary of CVE-2021-43399 (YubiHSM/YubiHSM2 in yubihsm-shell) A boundary/length validation vulnerability exists in the YubiHSM2 library version 2021.08 as included in yubihsm-shell, affecting operations such as SSH signing requests and certain data operations from a YubiHSM 2 device. Multiple sou...

7.8CVSS7.5AI score0.01368EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/12/08 6:31 p.m.20 views

CVE-2021-43399

The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...

7.7AI score0.01368EPSS
Exploits1References2
NVD
NVD
added 2021/12/07 3:15 a.m.12 views

CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

7CVSS0.00254EPSS
Exploits0References2
OSV
OSV
added 2021/12/07 3:15 a.m.1 views

DEBIAN-CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

7CVSS7AI score0.00254EPSS
Exploits0References1
OSV
OSV
added 2021/12/07 3:15 a.m.2 views

DEBIAN-CVE-2021-44513

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling...

7CVSS7AI score0.00212EPSS
Exploits0References1
Rows per page
Query Builder