14901 matches found

OpenVAS
added 2021/09/23 12:0 a.m., 18 views

SUSE: Security Advisory (SUSE-SU-2021:3123-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.1 | AI score 7.1 | EPSS 0.02319
Exploits: 1 | References: 2

IBM Security Bulletins
added 2021/09/22 11:38 p.m., 31 views

Security Bulletin: Vulnerability in libssh2 CVE-2019-17498.

Summary: libssh2 is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVE. Vulnerability Details: CVEID: CVE-2019-17498. DESCRIPTION: libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when connecting to a malicious SSH server that sends a...

CVSS 8.1 | AI score 0.9 | EPSS 0.03793
Exploits: 1

Cisco
added 2021/09/22 4:0 p.m., 50 views

Cisco Access Points SSH Management Privilege Escalation Vulnerability

A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...

CVSS 7.8 | AI score 7.8 | EPSS 0.0021
Exploits: 0 | References: 1

BDU FSTEC
added 2021/09/20 12:0 a.m., 4 views

The vulnerability of the SSH server on the Cisco IOS XR operating system allows a hacker to read and rewrite any files they choose.

The vulnerability of the SSH server on the Cisco IOS XR operating system is related to insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a remote attacker to read and rewrite any files as desired...

CVSS 8.5 | AI score 7.5 | EPSS 0.0153
Exploits: 0 | References: 2 | Affected Software: 1

OpenVAS
added 2021/09/20 12:0 a.m., 95 views

Weak Host Key Algorithm(s) (SSH)

The remote SSH server is configured to allow / support weak host key algorithms.

AI score 7.4
Exploits: 0 | References: 3

NVD
added 2021/09/18 4:15 p.m., 13 views

CVE-2021-41393

Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations...

CVSS 9.8 | EPSS 0.01033
Exploits: 0 | References: 4

OSV
added 2021/09/18 4:15 p.m., 13 views

CVE-2021-41393

Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations...

CVSS 9.8 | AI score 7.2
Exploits: 0 | References: 4

Prion
added 2021/09/18 4:15 p.m., 17 views

Design/Logic Flaw

Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations...

CVSS 7.5 | AI score 9.4 | EPSS 0.01033
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2021/09/18 3:15 p.m., 19 views

CVE-2021-41393

Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations...

AI score 9.7 | EPSS 0.01033
Exploits: 0 | References: 4

CVE
added 2021/09/18 3:15 p.m., 61 views

CVE-2021-41393

Summary: CVE-2021-41393 affects Teleport. In affected releases, SSH host certificates can be forged in certain situations. Impacted versions (per sources): Teleport < 4.4.11; Teleport < 5.2.4 (i.e., 5.x before 5.2.4); Teleport < 6.2.12 (i.e., 6.x before 6.2.12); Teleport

CVSS 9.8 | AI score 9.4 | EPSS 0.01033
Exploits: 0 | References: 4 | Affected Software: 1

BDU FSTEC
added 2021/09/17 12:0 a.m., 6 views

The vulnerability of the sshd-core Java library component, which supports the SSH protocol of Apache SSHD, allows an attacker to cause a service failure.

The vulnerability of the sshd-core Java library component, which supports SSH protocol with Apache SSHD, is related to an uncontrolled resource consumption. Exploiting this vulnerability may allow a remote attacker to cause service interruptions...

CVSS 9.4 | AI score 6.6 | EPSS 0.03394
Exploits: 0 | References: 8 | Affected Software: 1

ThreatPost
added 2021/09/15 7:1 p.m., 43 views

No Patch for High-Severity Bug in Legacy IBM System X Servers

Two legacy IBM System x server models, retired in 2019, are open to attack and will not receive security patches, according to hardware maker Lenovo. However, the company is offering workaround mitigation. The two models, IBM System x 3550 M3 and IBM System x 3650 M3, are both vulnerable to comma...

CVSS 9 | AI score 8.8 | EPSS 0.0194
Exploits: 0 | References: 8

OpenVAS
added 2021/09/14 12:0 a.m., 160 views

Weak Key Exchange (KEX) Algorithm(s) Supported (SSH)

The remote SSH server is configured to allow / support weak key exchange (KEX) algorithms.

AI score 7.4
Exploits: 0 | References: 5

OpenVAS
added 2021/09/13 12:0 a.m., 50 views

Weak (Small) Public Key Size(s) (SSH)

The remote SSH server uses a weak (too small) public key size.

AI score 7.4
Exploits: 0 | References: 3

Exploit DB
added 2021/09/13 12:0 a.m., 279 views

ECOA Building Automation System - Hard-coded Credentials SSH Access

Exploit Title: ECOA Building Automation System - Hard-coded Credentials SSH Access Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Hard-coded Credentials SSH Access Vendor: ECOA Technologies Corp. Product web page:...

AI score 7.4
Exploits: 0

Huntr
added 2021/09/11 10:15 p.m., 6 views

Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb

✍️ Description: Hello dear Rdiffweb team. I found a CSRF vulnerability on the following endpoint that attackers are able to use to create an SSH key with PoC.html. 🕵️‍♂️ Proof of Concept: 1. User with right privileges should be logged in Firefox or Safari. 2. Users go to a website that contains PoC.html. 3. after...

AI score 0.6
Exploits: 0

Debian
added 2021/09/11 10:11 p.m., 50 views

[SECURITY] [DLA 2753-2] qemu regression update

Debian LTS Advisory DLA-2753-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 11, 2021 https://wiki.debian.org/LTS Package : qemu Version : 1:2.8+dfsg-6+deb9u16 CVE ID : CVE-2021-3592 Debian Bug : 994080 It was found that the patch for CVE-2021-3592...

CVSS 3.8 | AI score 6.6 | EPSS 0.00326
Exploits: 0

0day.today
added 2021/09/10 12:0 a.m., 174 views

ECOA Building Automation System Hardcoded SSH Credentials Vulnerability

ECOA building automation systems have hardcoded SSH credentials. Many versions are affected. ECOA Building Automation System Hard-coded Credentials SSH Access Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected version: ECOA ECS Router Controller - ECS FLASH ECOA...

AI score 0.6
Exploits: 0

Tenable Nessus
added 2021/09/10 12:0 a.m., 30 views

Cisco IOS XR Software Arbitrary File Read and Write (cisco-sa-iosxr-scp-inject-QwZOCv2)

According to its self-reported version, Cisco IOS XR is affected by an arbitrary file read and write vulnerability in its SSH server process due to insufficient input validation of user supplied input. An authenticated, remote attacker can exploit this, by specifying specific SCP parameters when...

CVSS 8.5 | AI score 7.9 | EPSS 0.0153
Exploits: 0 | References: 3

NVD
added 2021/09/09 7:15 p.m., 19 views

CVE-2021-28914

BAB TECHNOLOGIE GmbH eibPort V3 prior to version 3.9.1 allows the user to set a weak password because the strength is shown in the configuration tool, but finally not enforced. This is usable and part of an attack chain to gain SSH root access...

CVSS 6.5 | EPSS 0.00986
Exploits: 0 | References: 1