14899 matches found
Command injection
A command injection vulnerability was reported in the Integrated Management Module IMM of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session...
CVE-2021-3723
CVE-2021-3723 affects legacy IBM System x IMM (3550 M3 and 3650 M3). The IMM firmware flaw enables command injection, allowing an authenticated attacker with SSH/Telnet access to execute operating system commands on the host. CVSS/ENISA entries classify the impact as high (C, I, A) with network a...
CVE-2021-3723
A command injection vulnerability was reported in the Integrated Management Module IMM of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2021-2691)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2021-2716)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : container-tools:ol8 (ELSA-2021-1796)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1796 advisory. - address CVE-2019-19921 by updating to rc10 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...
Exploit for Code Injection in Gitlab
CVE-2021-22205 GitLab CE/EE Preauth RCE using ExifTool This...
CVE-2021-40520
Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...
Command injection
Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...
CVE-2021-40520
Airangel HSMX Gateway devices up to version 5.2.04 are affected by a credential disclosure vulnerability due to weak SSH credentials. Exploitation could allow an attacker to obtain SSH credentials and take control of the device. Publicly provided details confirm affected product/version and impac...
CVE-2021-40520
Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...
Low: Red Hat Security Advisory: libssh security update
An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
ALSA-2021:4387 Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference in sftpserver.c if sshbuffernew returns NULL CVE-2020-16135 For more details about the security issues, including the impact, a CVSS...
CVE-2021-37471
Cradlepoint IBR900-600 devices running versions 7.21.10 are vulnerable to a restricted shell escape sequence that provides an attacker the capability to simultaneously deny availability to the device's NetCloud Manager console, local console and SSH command-line...
CVE-2021-37471
Cradlepoint IBR900-600 devices running versions 7.21.10 are vulnerable to a restricted shell escape sequence that provides an attacker the capability to simultaneously deny availability to the device's NetCloud Manager console, local console and SSH command-line...
CVE-2021-37471
The CVE-2021-37471 entry concerns Cradlepoint IBR900-600 devices running firmware versions prior to 7.21.10. The vulnerability is caused by a restricted shell escape sequence that can be exploited to concurrently deny availability of the NetCloud Manager console, the local console, and the SSH co...
CVE-2021-37471
Cradlepoint IBR900-600 devices running versions 7.21.10 are vulnerable to a restricted shell escape sequence that provides an attacker the capability to simultaneously deny availability to the device's NetCloud Manager console, local console and SSH command-line...
Fedora: Security Advisory for ansible (FEDORA-2021-0397bb2ccc)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for ansible (FEDORA-2021-71ff867094)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for curl (FEDORA-2021-1d24845e93)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...