14903 matches found
Fedora: Security Advisory for ansible (FEDORA-2021-4ad7c70d71)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
MacHound - An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts
MacHound is an extension to the Bloodhound audting tool allowing collecting and ingesting of Active Directory relationships on MacOS hosts. MacHound collects information about logged-in users, and administrative group members on Mac machines and ingest the information into the Bloodhound database...
Advisory ROSA-SA-2021-1938
Software: openssh 7.4p1 OS: Cobalt 7.9 CVE-ID: CVE-2011-4327 CVE-Crit: CRITICAL CVE-DESC: ssh-keysign.c in ssh-keysign in OpenSSH before version 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, allowing local users to obtain sensitive key information via ...
Advisory ROSA-SA-2021-1893
Software: libssh2 1.8.0 OS: Cobalt 7.9 CVE-ID: CVE-2019-13115 CVE-Crit: HIGH CVE-DESC: In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that can cause out-of-range reads when reading packets from the server. A remote attacker...
Advisory ROSA-SA-2021-1829
Software: erlang R16B OS: Cobalt 7.9 CVE-ID: CVE-2011-0766 CVE-Crit: MEDIUM CVE-DESC: The random number generator in the Crypto application before 2.0.2.2.2 and SSH before 2.0.5, which was used in the Erlang / OTP ssh library before R14B03, uses predictable starting numbers based on the current...
[SECURITY] Fedora 33 Update: ansible-2.9.23-1.fc33
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
[SECURITY] Fedora 34 Update: ansible-2.9.23-1.fc34
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
CVE-2020-27362
An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges...
Code injection
An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges...
CVE-2020-27362
An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges...
CVE-2020-27362
Akkadian Provisioning Manager 4.50.02 is affected via the SSH console, where a low-privileged user can escape the web configuration file editor and escalate privileges. Root cause: escape of the web config editor. Impact: high (C/H, I/H, A/H per NVD). Exploitation details are not provided in the ...
Akkadian Provisioning Manager 安全漏洞
Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A security vulnerability in the SSH console of Akkadian Provisioning Manager 4.50.02 allows an attacker with low-level privileges to escape the Web profile edit...
CVE-2021-31505
This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...
Hardcoded credentials
This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...
CVE-2021-31505
This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...
CVE-2021-31505
The CVE-2021-31505 entry affects Arlo Q Plus with firmware 1.9.0.3_278, where attackers with physical access can escalate privileges via the SSH service. The vulnerability allows the device to boot into a special operation mode that accepts hard-coded SSH credentials, enabling privilege escalatio...
cloud-init bug fix and enhancement update
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: Intermittent failure to start cloud-init due to failu...
cloud-init bug fix and enhancement update
An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cloud-init packages provide a set of init scripts for cloud instances...
kexec-tools bug fix and enhancement update
The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. The kexec fastboot...
kexec-tools bug fix and enhancement update
An update is available for kexec-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kexec-tools packages contain the /sbin/kexec binary and utilities tha...