Lucene search
K

14903 matches found

OpenVAS
OpenVAS
added 2021/07/06 12:0 a.m.22 views

Fedora: Security Advisory for ansible (FEDORA-2021-4ad7c70d71)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1CVSS6.4AI score0.00854EPSS
Exploits0References2
Kitploit
Kitploit
added 2021/07/03 9:30 p.m.95 views

MacHound - An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts

MacHound is an extension to the Bloodhound audting tool allowing collecting and ingesting of Active Directory relationships on MacOS hosts. MacHound collects information about logged-in users, and administrative group members on Mac machines and ingest the information into the Bloodhound database...

7.2AI score
Exploits0References1
Rosalinux
Rosalinux
added 2021/07/02 5:38 p.m.45 views

Advisory ROSA-SA-2021-1938

Software: openssh 7.4p1 OS: Cobalt 7.9 CVE-ID: CVE-2011-4327 CVE-Crit: CRITICAL CVE-DESC: ssh-keysign.c in ssh-keysign in OpenSSH before version 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, allowing local users to obtain sensitive key information via ...

7.8CVSS8.3AI score0.88944EPSS
Exploits39
Rosalinux
Rosalinux
added 2021/07/02 5:17 p.m.38 views

Advisory ROSA-SA-2021-1893

Software: libssh2 1.8.0 OS: Cobalt 7.9 CVE-ID: CVE-2019-13115 CVE-Crit: HIGH CVE-DESC: In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that can cause out-of-range reads when reading packets from the server. A remote attacker...

8.1CVSS7.6AI score0.11659EPSS
Exploits1
Rosalinux
Rosalinux
added 2021/07/02 4:39 p.m.37 views

Advisory ROSA-SA-2021-1829

Software: erlang R16B OS: Cobalt 7.9 CVE-ID: CVE-2011-0766 CVE-Crit: MEDIUM CVE-DESC: The random number generator in the Crypto application before 2.0.2.2.2 and SSH before 2.0.5, which was used in the Erlang / OTP ssh library before R14B03, uses predictable starting numbers based on the current...

7.8CVSS7.2AI score0.03046EPSS
Exploits1
Fedora
Fedora
added 2021/07/02 1:21 a.m.48 views

[SECURITY] Fedora 33 Update: ansible-2.9.23-1.fc33

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

7.1CVSS3.3AI score0.00854EPSS
Exploits0
Fedora
Fedora
added 2021/07/02 1:9 a.m.43 views

[SECURITY] Fedora 34 Update: ansible-2.9.23-1.fc34

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

7.1CVSS3.3AI score0.00854EPSS
Exploits0
NVD
NVD
added 2021/07/01 4:15 p.m.12 views

CVE-2020-27362

An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges...

9CVSS0.01321EPSS
Exploits1References1
Prion
Prion
added 2021/07/01 4:15 p.m.13 views

Code injection

An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges...

9CVSS8.7AI score0.01321EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/01 3:57 p.m.18 views

CVE-2020-27362

An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges...

8.8AI score0.01321EPSS
Exploits1References1
CVE
CVE
added 2021/07/01 3:57 p.m.64 views

CVE-2020-27362

Akkadian Provisioning Manager 4.50.02 is affected via the SSH console, where a low-privileged user can escape the web configuration file editor and escalate privileges. Root cause: escape of the web config editor. Impact: high (C/H, I/H, A/H per NVD). Exploitation details are not provided in the ...

9CVSS8.6AI score0.01321EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/07/01 12:0 a.m.4 views

Akkadian Provisioning Manager 安全漏洞

Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A security vulnerability in the SSH console of Akkadian Provisioning Manager 4.50.02 allows an attacker with low-level privileges to escape the Web profile edit...

9CVSS8AI score0.01321EPSS
Exploits1References1
NVD
NVD
added 2021/06/29 3:15 p.m.13 views

CVE-2021-31505

This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...

7.2CVSS0.00551EPSS
Exploits0References2
Prion
Prion
added 2021/06/29 3:15 p.m.18 views

Hardcoded credentials

This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...

7.2CVSS6.8AI score0.00551EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/29 2:33 p.m.15 views

CVE-2021-31505

This vulnerability allows attackers with physical access to escalate privileges on affected installations of Arlo Q Plus 1.9.0.3278. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSH service. The device can be booted into a special operation mod...

6.8CVSS7AI score0.00551EPSS
Exploits0References2
CVE
CVE
added 2021/06/29 2:33 p.m.51 views

CVE-2021-31505

The CVE-2021-31505 entry affects Arlo Q Plus with firmware 1.9.0.3_278, where attackers with physical access can escalate privileges via the SSH service. The vulnerability allows the device to boot into a special operation mode that accepts hard-coded SSH credentials, enabling privilege escalatio...

7.2CVSS6.8AI score0.00551EPSS
Exploits0References2Affected Software1
AlmaLinux
AlmaLinux
added 2021/06/29 1:58 p.m.25 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: Intermittent failure to start cloud-init due to failu...

1.6AI score
Exploits0
Rockylinux
Rockylinux
added 2021/06/29 1:58 p.m.18 views

cloud-init bug fix and enhancement update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cloud-init packages provide a set of init scripts for cloud instances...

1.6AI score
Exploits0
AlmaLinux
AlmaLinux
added 2021/06/29 1:42 p.m.15 views

kexec-tools bug fix and enhancement update

The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. The kexec fastboot...

1.6AI score
Exploits0
Rockylinux
Rockylinux
added 2021/06/29 1:42 p.m.17 views

kexec-tools bug fix and enhancement update

An update is available for kexec-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kexec-tools packages contain the /sbin/kexec binary and utilities tha...

1.4AI score
Exploits0
Rows per page
Query Builder