
14901 matches found

UbuntuCve
added 2021/08/26 12:0 a.m. | 50 views

CVE-2021-3634

A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept...

CVSS 6.5 | AI score 6.5 | EPSS 0.04683
Exploits: 0 | References: 2

NVD
added 2021/08/25 8:15 p.m. | 21 views

CVE-2021-1592

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...

CVSS 4.3 | EPSS 0.01032
Exploits: 0 | References: 1

OSV
added 2021/08/25 8:15 p.m. | 8 views

CVE-2021-1592

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...

CVSS 4.3 | AI score 5.9 | EPSS 0.01032
Exploits: 0 | References: 1

Prion
added 2021/08/25 8:15 p.m. | 17 views

Design/Logic Flaw

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...

CVSS 4 | AI score 4.8 | EPSS 0.01032
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2021/08/25 7:11 p.m. | 8 views

CVE-2021-1592 Cisco UCS Manager Software SSH Sessions Denial of Service Vulnerability

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...

CVSS 4.3 | AI score 6.9 | EPSS 0.01032
Exploits: 0 | References: 1

CVE
added 2021/08/25 7:11 p.m. | 51 views

CVE-2021-1592

Cisco UCS Manager SSH sessions DoS (CVE-2021-1592) is caused by improper resource management for established SSH sessions. An authenticated, remote attacker can open many SSH sessions to crash and restart Cisco UCS Manager software processes, causing temporary loss of access to the CLI and web UI...

CVSS 4.3 | AI score 4.7 | EPSS 0.01032
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/08/25 7:11 p.m. | 24 views

CVE-2021-1592 Cisco UCS Manager Software SSH Sessions Denial of Service Vulnerability

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...

CVSS 4.3 | AI score 5.1 | EPSS 0.01032
Exploits: 0 | References: 1

Cisco
added 2021/08/25 4:0 p.m. | 89 views

Cisco UCS Manager Software SSH Sessions Denial of Service Vulnerability

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...

CVSS 4.3 | AI score 4.7 | EPSS 0.01032
Exploits: 0 | References: 1

Prion
added 2021/08/24 1:15 p.m. | 9 views

Command injection

Network Attached Storage on LG N1T1 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter...

CVSS 10 | AI score 9.9 | EPSS 0.08955
Exploits: 1 | References: 3

Tenable Nessus
added 2021/08/24 12:0 a.m. | 29 views

Debian DLA-2748-1 : tnef - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2748 advisory. - In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef...

CVSS 5.5 | AI score 6.3 | EPSS 0.01203
Exploits: 1 | References: 5

NVD
added 2021/08/23 10:15 p.m. | 23 views

CVE-2021-39615

D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...

CVSS 10 | EPSS 0.02196
Exploits: 1 | References: 3

Prion
added 2021/08/23 10:15 p.m. | 15 views

Hardcoded credentials

UNSUPPORTED WHEN ASSIGNED D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain acce...

CVSS 10 | AI score 9.5 | EPSS 0.02196
Exploits: 1 | References: 3 | Affected Software: 1

CVE
added 2021/08/23 9:21 p.m. | 58 views

CVE-2021-39615

The D-Link DSR-500N is affected by CVE-2021-39615 in version 1.02, where hard-coded credentials for undocumented accounts in /etc/passwd allow an attacker to log in via SSH or Telnet and gain access to the embedded Linux OS. The issue is fixed in firmware version 2.12/2. This vulnerability is not...

CVSS 10 | AI score 9.5 | EPSS 0.02196
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2021/08/23 9:21 p.m. | 21 views

CVE-2021-39615

D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...

AI score 9.8 | EPSS 0.02196
Exploits: 1 | References: 3

Tenable Nessus
added 2021/08/23 12:0 a.m. | 113 views

Unix Software Discovery Command Checks

Nessus plugins run OS commands locally on the target host to discover and characterize software that is not managed by the target operating system. This plugin runs those commands over SSH to determine whether there is any problem that might prevent the successful discovery of unmanaged software...

AI score 5.6
Exploits: 0

BDU FSTEC
added 2021/08/19 12:0 a.m. | 8 views

The vulnerability of the SSH server on the ROSA KOBALT operating system lies in the use of weak encryption algorithms such as RC4 and Blowfish. This allows attackers to circumvent cryptographic security measures.

The vulnerability of the SSH server on the ROSA KOBALT operating system is related to the use of weak encryption algorithms such as RC4 and Blowfish. Exploiting this vulnerability allows a remote attacker to circumvent the cryptographic security measures...

CVSS 6.5 | AI score 5.6
Exploits: 0 | References: 1

Tenable Nessus
added 2021/08/19 12:0 a.m. | 78 views

SSH Cisco Wireless LAN Controller (WLC) Enumeration

The remote device is a Cisco Wireless LAN Controller (WLC). TRUSTED...

AI score 7
Exploits: 0 | References: 2

Kitploit
added 2021/08/17 12:30 p.m. | 145 views

ReverseSSH - Statically-linked Ssh Server With Reverse Shell Functionality For CTFs And Such

A statically-linked ssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges, CTFs or similar. Has been developed and was extensively used during OSCP exam preparation. Get the latest Release Features Catching a reverse shell with...

AI score 7.7
Exploits: 0 | References: 5

RedHat Linux
added 2021/08/17 8:33 a.m. | 69 views

Moderate: Red Hat Security Advisory: cloud-init security update

An update for cloud-init is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...

CVSS 5.5 | AI score 6.1 | EPSS 0.00219
Exploits: 0 | References: 2

RedhatCVE
added 2021/08/15 6:9 a.m. | 37 views

CVE-2020-9283

A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server...

CVSS 7.5 | AI score 3 | EPSS 0.21052
Exploits: 6 | References: 4