Lucene search
K

14901 matches found

Prion
Prion
added 2021/10/01 9:15 p.m.13 views

Authentication flaw

Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete...

7.5CVSS9.6AI score0.00807EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/01 8:20 p.m.14 views

CVE-2021-36298

Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete...

8.1CVSS9.9AI score0.00807EPSS
Exploits0References1
CVE
CVE
added 2021/10/01 8:20 p.m.54 views

CVE-2021-36298

Dell EMC InsightIQ is affected (versions prior to 4.1.4). The issue is caused by risky cryptographic algorithms in the SSH component, enabling a remote unauthenticated attacker to bypass authentication and take remote control of InsightIQ, potentially impacting SSH services. Remediation: upgrade ...

9.8CVSS9.7AI score0.00807EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/01 12:13 p.m.30 views

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2020-8832 DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by not properly clearing data structures on...

5.5CVSS0.1AI score0.00452EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/01 12:0 a.m.30 views

FreeBSD : libssh -- possible heap-buffer overflow vulnerability (57b1ee25-1a7c-11ec-9376-0800272221cc)

libssh security advisories : The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept and used as an input to new...

6.5CVSS6.3AI score0.04683EPSS
Exploits0References4
Fedora
Fedora
added 2021/09/29 1:10 a.m.33 views

[SECURITY] Fedora 34 Update: libssh-0.9.6-1.fc34

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

6.5CVSS7.1AI score0.04683EPSS
Exploits0
Fedora
Fedora
added 2021/09/29 12:20 a.m.28 views

[SECURITY] Fedora 35 Update: libssh-0.9.6-1.fc35

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

6.5CVSS7.1AI score0.04683EPSS
Exploits0
Packet Storm
Packet Storm
added 2021/09/29 12:0 a.m.225 views

Mitrastar GPT-2541GNAC-N1 Privilege Escalation

Exploit Title: Mitrastar GPT-2541GNAC-N1 - Privilege escalation Date: 10-08-2021 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.mitrastar.com Platform: Mistrastar router devices GPT-2541GNAC-N1 HGU Tested on: Firmware BRg3.5100VNZ0b33 Vulnerability analysis:...

0.8AI score
Exploits0
0day.today
0day.today
added 2021/09/29 12:0 a.m.313 views

Mitrastar GPT-2541GNAC-N1 - Privilege escalation Vulnerability

Exploit Title: Mitrastar GPT-2541GNAC-N1 - Privilege escalation Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.mitrastar.com Platform: Mistrastar router devices GPT-2541GNAC-N1 HGU Tested on: Firmware BRg3.5100VNZ0b33 Vulnerability analysis:...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/09/26 12:0 a.m.26 views

Teleport has an unspecified vulnerability (CNVD-2022-18316)

Teleport is an identity-aware, multi-protocol access agent from Teleport USA, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications, and databases across all environments, Teleport has a security vulnerability that could be exploit...

5.3CVSS3.9AI score0.01175EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/26 12:0 a.m.14 views

Teleport has an unspecified vulnerability

Teleport is an identity-aware, multi-protocol access agent from Teleport USA, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications and databases across all environments.Teleport suffers from a security vulnerability that could be...

6.5CVSS4.1AI score0.00822EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/26 12:0 a.m.21 views

Teleport authorization issue vulnerability

Teleport is an identity-aware, multi-protocol access agent from Teleport USA, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications, and databases across all environments, Teleport suffers from an authorization issue vulnerability...

9.8CVSS2.9AI score0.01033EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2021/09/23 1:16 p.m.38 views

Easier URI Targeting With Metasploit Framework

Over the past year and a half, Metasploit Framework’s core engineering team in Belfast has made significant improvements to usability, discoverability, and the general quality of life for the global community of Framework users. A few of the enhancements we’ve worked on in MSF 6 include: A handy...

6.9AI score
Exploits0
Mageia
Mageia
added 2021/09/23 4:49 a.m.40 views

Updated libssh packages fix security vulnerability

A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept...

6.5CVSS1.9AI score0.04683EPSS
Exploits0References5
NVD
NVD
added 2021/09/23 3:15 a.m.16 views

CVE-2021-1419

A vulnerability in the SSH management feature of multiple Cisco Access Points APs platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...

7.8CVSS0.0021EPSS
Exploits0References1
Prion
Prion
added 2021/09/23 3:15 a.m.25 views

Input validation

A vulnerability in the SSH management feature of multiple Cisco Access Points APs platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...

7.2CVSS7.6AI score0.0021EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2021/09/23 2:30 a.m.8 views

CVE-2021-1419 Cisco Access Points SSH Management Privilege Escalation Vulnerability

A vulnerability in the SSH management feature of multiple Cisco Access Points APs platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...

7.8CVSS7AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2021/09/23 2:30 a.m.75 views

CVE-2021-1419

CVE-2021-1419 affects Cisco Access Points (APs) SSH management interface, where improper checking of file operations allows a local, authenticated user to modify files and potentially gain root privileges. The root cause is input/file operation validation within the SSH management feature. Affect...

7.8CVSS7.8AI score0.0021EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/23 2:30 a.m.16 views

CVE-2021-1419 Cisco Access Points SSH Management Privilege Escalation Vulnerability

A vulnerability in the SSH management feature of multiple Cisco Access Points APs platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...

7.8CVSS8AI score0.0021EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/09/23 12:0 a.m.1152 views

SSH SHA-1 HMAC Algorithms Enabled

The remote SSH server is configured to enable SHA-1 HMAC algorithms. Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions. Note that...

5.5AI score
Exploits0
Rows per page
Query Builder