Lucene search
K

14903 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2021/07/11 12:0 a.m.57 views

Security update for salt (critical)

openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2021:2106-1 Rating: critical References: 1171257 1176293 1179831 1181368 1182281 1182293 1182382 1185092 1185281 1186674 ECO-3212 SLE-18028 SLE-18033 Cross-References: CVE-2018-15750 CVE-2018-15751 CVE-2020-11651...

9.8CVSS9.1AI score0.96405EPSS
Exploits29References13
Kitploit
Kitploit
added 2021/07/10 12:30 p.m.117 views

The-Bastion - Authentication, Authorization, Traceability And Auditability For SSH Accesses

Bastions are a cluster of machines used as the unique entry point by operational teams such as sysadmins, developers, database admins, ... to securely connect to devices servers, virtual machines, cloud instances, network equipment, ..., usually using ssh. Bastions provides mechanisms for...

8AI score
Exploits0References8
OSV
OSV
added 2021/07/09 9:15 p.m.20 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS6.8AI score
Exploits0References4
NVD
NVD
added 2021/07/09 9:15 p.m.14 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS0.01106EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/07/09 9:15 p.m.1 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS5.5AI score0.01106EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2021/07/09 9:15 p.m.29 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS7.2AI score0.01106EPSS
Exploits0References3
Prion
Prion
added 2021/07/09 9:15 p.m.21 views

Design/Logic Flaw

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

5.8CVSS8AI score0.01106EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/07/09 9:15 p.m.2 views

UBUNTU-CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS7.2AI score0.01106EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/07/09 12:0 a.m.13 views

Citrix ADM SSH Detection

Binary data citrixadmsshdetect.nbin...

7.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/07/09 12:0 a.m.19 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

6.8AI score0.01106EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/07/09 12:0 a.m.27 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.2AI score0.01106EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/07/09 12:0 a.m.6 views

PT-2021-3760

Name of the Vulnerable Software and Affected Versions SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows versions prior to 15.2.3 HF2 Description A remote code execution vulnerability in the SolarWinds Serv-U product allows a threat actor to gain privileged access to the...

10CVSS10AI score0.9116EPSS
Exploits2References33
CVE
CVE
added 2021/07/09 12:0 a.m.180 views

CVE-2021-36367

PuTTY prior to 0.76 proceeds with an SSH session even if no substantive authentication has been sent, enabling a remote, attacker‑controlled SSH server to later present spoofed authentication prompts and capture credentials. Upstream fixes exist in 0.76+; Debian/DLA advisories note patches in new...

8.1CVSS7.9AI score0.01106EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2021/07/09 12:0 a.m.23 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS8.1AI score0.01106EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/07/09 12:0 a.m.31 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS6.7AI score0.01106EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/07/07 4:47 a.m.48 views

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.23)

An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...

7.1CVSS7.1AI score0.00854EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/07/07 4:47 a.m.70 views

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.23)

An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

7.1CVSS7.1AI score0.00854EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/07/07 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2021-2097)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.12996EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2021/07/07 12:0 a.m.81 views

RHEL 7 / 8 : Ansible security update (2.9.23) (Important) (RHSA-2021:2663)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2663 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and do...

7.1CVSS7.7AI score0.00854EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/07/06 12:0 a.m.19 views

Fedora: Security Advisory for ansible (FEDORA-2021-574ee4dd30)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1CVSS6.4AI score0.00854EPSS
Exploits0References2
Rows per page
Query Builder