
14901 matches found

GithubExploit
added 2021/10/14 10:9 a.m. | 899 views

Exploit for OS Command Injection in Saltstack Salt

CVE-2020-16846-Saltstack-Salt-API Vulnerability Explained: An...

9.8 CVSS | 9.3 AI score | 0.99585 EPSS
Exploits: 5
CNVD
added 2021/10/14 12:0 a.m. | 19 views

Dell EMC IsilonSD Management Server Encryption Issue Vulnerability

DELL Dell EMC IsilonSD Management Server is a management server for EMC IsilonSD storage from Dell USA. Dell EMC IsilonSD Management Server is vulnerable to a cryptographic issue that arises from the use of a corrupted or risky encryption algorithm in the SSH component. A remote attacker could...

9.8 CVSS | 9.6 AI score | 0.00807 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2021/10/13 12:0 a.m. | 267 views

SSH Host Keys < 2048 Bits Considered Weak

Brute force setting must be enabled to use this plugin. The remote SSH server has a host key size that is smaller than 2048 bits. NIST Special Publication 800-57 Part 3 Recommendation for Key Management recommends RSA keys greater or equal to 2048 bits in length. TRUSTED...

5.5AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2021/10/13 12:0 a.m. | 4691 views

SSH Weak Key Exchange Algorithms Enabled

The remote SSH server is configured to allow key exchange algorithms which are considered weak. This is based on the IETF draft document Key Exchange KEX Method Updates and Recommendations for Secure Shell SSH RFC9142. Section 4 lists guidance on key exchange algorithms that SHOULD NOT and MUST N...

5.5AI score
Exploits: 0 | References: 1
Exploit DB
added 2021/10/13 12:0 a.m. | 310 views

Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)

Exploit Title: Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root Telnet/SSH Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor:...

7.4AI score
Exploits: 0
The Hacker News
added 2021/10/12 7:57 a.m. | 41 views

GitHub Revoked Insecure SSH Keys Generated by a Popular git Client

Code hosting platform GitHub has revoked weak SSH authentication keys that were generated via the GitKraken git GUI client due to a vulnerability in a third-party library that increased the likelihood of duplicated SSH keys. As an added precautionary measure, the Microsoft-owned company also said...

9.1 CVSS | 0.1 AI score | 0.02993 EPSS
Exploits: 1
OpenVAS
added 2021/10/12 12:0 a.m. | 19 views

Zoom Client / Desktop / Workplace Detection (Linux/Unix SSH Login)

SSH login-based detection of the Zoom Client / Desktop / Workplace. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits: 0
Prion
added 2021/10/11 5:15 p.m. | 20 views

Path traversal

keypair is an RSA PEM key generator written in JavaScript. keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys used in SSH. This wou...

6.4 CVSS | 9.3 AI score | 0.02993 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
CNVD
added 2021/10/11 12:0 a.m. | 29 views

NetSarang Xshell has an unspecified vulnerability

NetSarang Xshell is an SSH client from NetSarang. NetSarang Xshell 7.0.0.76 previously contained a security vulnerability that could be exploited by an attacker to cause a crash by triggering a quick change in the title bar...

7.5 CVSS | 2.3 AI score | 0.0093 EPSS
Exploits: 0 | References: 1
Packet Storm
added 2021/10/11 12:0 a.m. | 346 views

Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root

!/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: CTM-ONE 1.3.6-latest CTM-ONE 1.3.1 CTM-ONE 1.1.9 CTM200 2.7.1.5659-latest CTM200 2.0.5.3356-184 Summar...

0.3AI score
Exploits: 0
Zero Science Lab
added 2021/10/10 12:0 a.m. | 403 views

Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root (Telnet/SSH)

Summary CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a Linux based platform powered by ARM Cortex-A8 800 MHz superscalar processor. Its on-board standard features make the CTM-200 ideal for mobile fleet applications or fixed site office and...

9.3 CVSS | 7.3 AI score | 0.00282 EPSS
Exploits: 1
Tenable Nessus
added 2021/10/08 12:0 a.m. | 45 views

Photon OS 2.0: Linux PHSA-2021-2.0-0399

An update of the linux package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0399. The text itself is copyright C VMware, Inc...

7 CVSS | 7.4 AI score | 0.00343 EPSS
Exploits: 0 | References: 3
OpenVAS
added 2021/10/08 12:0 a.m. | 7 views

Fedora: Security Advisory for libssh (FEDORA-2021-f2a020a065)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5 CVSS | 6.9 AI score | 0.04683 EPSS
Exploits: 0 | References: 2
Fedora
added 2021/10/07 5:8 p.m. | 26 views

[SECURITY] Fedora 33 Update: libssh-0.9.6-1.fc33

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

6.5 CVSS | 7.1 AI score | 0.04683 EPSS
Exploits: 0
OpenVAS
added 2021/10/03 12:0 a.m. | 17 views

Fedora: Security Advisory for openssh (FEDORA-2021-f8df0f8563)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7 CVSS | 6.6 AI score | 0.02367 EPSS
Exploits: 2 | References: 2
OpenVAS
added 2021/10/03 12:0 a.m. | 25 views

Fedora: Security Advisory for openssh (FEDORA-2021-1f7339271d)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7 CVSS | 6.6 AI score | 0.02367 EPSS
Exploits: 2 | References: 2
OpenVAS
added 2021/10/02 12:0 a.m. | 12 views

Fedora: Security Advisory for libssh (FEDORA-2021-288925ac19)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5 CVSS | 6.9 AI score | 0.04683 EPSS
Exploits: 0 | References: 2
OpenVAS
added 2021/10/02 12:0 a.m. | 16 views

Fedora: Security Advisory for libssh (FEDORA-2021-ec797b6a96)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5 CVSS | 6.9 AI score | 0.04683 EPSS
Exploits: 0 | References: 2
OSV
added 2021/10/01 9:15 p.m. | 3 views

CVE-2021-36298

Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete...

9.8 CVSS | 7.3 AI score | 0.00807 EPSS
Exploits: 0 | References: 1
NVD
added 2021/10/01 9:15 p.m. | 9 views

CVE-2021-36298

Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete...

9.8 CVSS | 0.00807 EPSS
Exploits: 0 | References: 1