Lucene search
K

14899 matches found

UbuntuCve
UbuntuCve
added 2021/12/07 3:15 a.m.14 views

CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

7CVSS7AI score0.00254EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/12/07 3:15 a.m.18 views

CVE-2021-44513

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling...

7CVSS7AI score0.00212EPSS
Exploits0References4
OSV
OSV
added 2021/12/07 3:15 a.m.2 views

UBUNTU-CVE-2021-44513

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling...

7CVSS5.8AI score0.00212EPSS
Exploits0References5
CVE
CVE
added 2021/12/07 2:9 a.m.63 views

CVE-2021-44513

CVE-2021-44513 affects tmate-ssh-server 2.3.0, where insecure creation of temporary directories can allow a local attacker to compromise the integrity of session handling. The available documents confirm a local-attack vector and session integrity impact, with no explicit exploitation details or ...

7CVSS6.5AI score0.00212EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/07 2:9 a.m.13 views

CVE-2021-44513

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling...

6.9AI score0.00212EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/12/07 2:9 a.m.16 views

CVE-2021-44513

Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling...

7CVSS6.7AI score0.00212EPSS
Exploits0
Cvelist
Cvelist
added 2021/12/07 2:7 a.m.14 views

CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

6.9AI score0.00254EPSS
Exploits0References2
CVE
CVE
added 2021/12/07 2:7 a.m.46 views

CVE-2021-44512

CVE-2021-44512 affects tmate-ssh-server 2.3.0, where world-writable permissions on the /tmp/tmate/sessions directory enable a local attacker to compromise session handling integrity and potentially obtain the read-write session ID from a read-only session symlink. The primary impact described is ...

7CVSS6.6AI score0.00254EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2021/12/07 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2021:3951-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.9AI score0.02367EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2021/12/04 12:0 a.m.16 views

Fedora: Security Advisory for remmina (FEDORA-2021-5d227916bc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.2AI score0.01553EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/12/04 12:0 a.m.21 views

Fedora: Security Advisory for remmina (FEDORA-2021-ac23d9e47f)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.2AI score0.01553EPSS
Exploits0References2
NVD
NVD
added 2021/12/02 7:15 p.m.17 views

CVE-2021-40334

Missing Handler vulnerability in the proprietary management protocol port TCP 5558 of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x...

8.6CVSS0.00958EPSS
Exploits0References2
Prion
Prion
added 2021/12/02 7:15 p.m.12 views

Improper access control

Missing Handler vulnerability in the proprietary management protocol port TCP 5558 of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x...

5CVSS7.4AI score0.00958EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2021/12/02 6:28 p.m.40 views

CVE-2021-40334

The CVE-2021-40334 entry describes a Missing Handler vulnerability in the proprietary management protocol on TCP port 5558 for Hitachi Energy FOX61x and XCM20 (pre-R15A). The root cause is the handling of SSH activation on port 5558, which can disrupt NMS and NE communications. Affected products:...

8.6CVSS7.7AI score0.00958EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/02 6:28 p.m.27 views

CVE-2021-40334 SSH activation problem in the proprietary management protocol (port TCP 5558)

Missing Handler vulnerability in the proprietary management protocol port TCP 5558 of Hitachi Energy FOX61x, XCM20 allows an attacker that exploits the vulnerability by activating SSH on port TCP 5558 to cause disruption to the NMS and NE communication. This issue affects: Hitachi Energy FOX61x...

8.6CVSS8.6AI score0.00958EPSS
Exploits0References2
CNVD
CNVD
added 2021/12/02 12:0 a.m.15 views

Victure WR1200 Trust Management Issue Vulnerability (CNVD-2021-95232)

Victure WR1200 is a router. Victure WR1200 1.0.3 and prior versions are vulnerable to trust management issues, which can be exploited by attackers to gain control of the device via SSH...

7.8CVSS5.3AI score0.00393EPSS
Exploits1References1
NVD
NVD
added 2021/11/30 7:15 p.m.7 views

CVE-2021-43284

An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...

7.8CVSS0.00393EPSS
Exploits1References2
Prion
Prion
added 2021/11/30 7:15 p.m.13 views

Design/Logic Flaw

An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...

7.2CVSS7.9AI score0.05404EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2021/11/30 6:23 p.m.15 views

CVE-2021-43284

An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...

8.2AI score0.05404EPSS
Exploits3References2
CVE
CVE
added 2021/11/30 6:23 p.m.34 views

CVE-2021-43284

CVE-2021-43284 affects Victure WR1200 devices (version 1.0.3 and earlier). The root SSH password remains the default value, “admin,” allowing an attacker to gain full control of the device via SSH regardless of whether the admin password was changed in the web interface. The connected records con...

7.8CVSS7.9AI score0.00393EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder