14907 matches found

Rockylinux
added 2021/06/29 1:58 p.m., 19 views

cloud-init bug fix and enhancement update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The cloud-init packages provide a set of init scripts for cloud instances...

1.6 AI score
Exploits 0

AlmaLinux
added 2021/06/29 1:58 p.m., 25 views

cloud-init bug fix and enhancement update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: Intermittent failure to start cloud-init due to failu...

1.6 AI score
Exploits 0

AlmaLinux
added 2021/06/29 1:42 p.m., 15 views

kexec-tools bug fix and enhancement update

The kexec-tools packages contain the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec feature. The /sbin/kexec binary facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot. The kexec fastboot...

1.6 AI score
Exploits 0

Rockylinux
added 2021/06/29 1:42 p.m., 18 views

kexec-tools bug fix and enhancement update

An update is available for kexec-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kexec-tools packages contain the /sbin/kexec binary and utilities tha...

1.4 AI score
Exploits 0

The Hacker News
added 2021/06/29 1:06 p.m., 44 views

Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine

An unpatched security vulnerability affecting Google's Compute Engine platform could be abused by an attacker to take over virtual machines over the network. "This is done by impersonating the metadata server from the targeted virtual machine's point of view," security researcher Imre Rad said in...

0.6 AI score
Exploits 0

CNVD
added 2021/06/29 12:00 a.m., 9 views

Sick Visionary-S CX Information Disclosure Vulnerability

SICK Visionary-S CX is a 3D vision sensor from SICK, Germany. It provides direct output of color and depth values via Ethernet. The SICK Visionary-S CX has a security vulnerability in versions prior to 5.21.2.29154R, which can be exploited by an attacker with a weak password to more easily...

5.3 CVSS, 6.6 AI score, 0.00264 EPSS
Exploits 0, References 1

Kitploit
added 2021/06/28 9:30 p.m., 249 views

AWS Pen-Testing Laboratory - Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet

PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard VPN. Vulnerable instances in a private subnet. NOTE: Ids only defined for region "eu-west-1". For other regions, kali ami id must be specified and metasploitable3 id after...

7.3 AI score
Exploits 0, References 6

NVD
added 2021/06/28 12:15 p.m., 11 views

CVE-2021-32496

SICK Visionary-S CX up to version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength vulnerability concerning the internal SSH interface solely used by SICK for recovering returned devices. The use of weak ciphers makes it easier for an attacker to break the security that protects...

5.3 CVSS, 0.00264 EPSS
Exploits 0, References 1

Prion
added 2021/06/28 12:15 p.m., 12 views

Code injection

SICK Visionary-S CX up to version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength vulnerability concerning the internal SSH interface solely used by SICK for recovering returned devices. The use of weak ciphers makes it easier for an attacker to break the security that protects...

3.5 CVSS, 5.2 AI score, 0.00264 EPSS
Exploits 0, References 1, Affected Software 1

Securelist
added 2021/06/28 11:15 a.m., 30 views

Detecting unknown threats: a honeypot how-to

Catching threats is tricky business, especially in today's threat landscape. To tackle this problem, for many years cybersecurity researchers have been using honeypots – a well-known deception technique in the industry. Dan Demeter, Senior Security Researcher with Kaspersky's Global Research and...

0.2 AI score
Exploits 0

CVE
added 2021/06/28 11:02 a.m., 43 views

CVE-2021-32496

CVE-2021-32496 affects SICK Visionary-S CX up to version 5.21.2.29154R. The vulnerability is an Inadequate Encryption Strength issue on the internal SSH interface used for recovering returned devices, caused by weak ciphers. This can allow an attacker with network access to decrypt/transmit data ...

5.3 CVSS, 5.1 AI score, 0.00264 EPSS
Exploits 0, References 1, Affected Software 1

Tenable Nessus
added 2021/06/28 12:00 a.m., 7 views

SUSE SLES15: freeradius-server / freeradius-server-devel / etc (SUSE-SU-2021:2147-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2147-1 advisory. - Fixed plaintext password entries in logfiles bsc1184016. Tenable has extracted the preceding description block directly from the SUSE security...

5.9 AI score
Exploits 0, References 2

Packet Storm
added 2021/06/28 12:00 a.m., 1222 views

Android 2.0 FreeCIV Arbitrary Code Execution

""" Android Debug Bridge ADB freeciv exploit Author : Raed-Ahsan https://linkedin.com/in/raed-ahsan Android 2.0 Banana Studio """ """ import socket socket import subprocess Subprocess import pyautogui PyAutoGui import time Time def connectionfunctionhost, port: s = socket.socketsocket.AFINET,...

10 CVSS, 0.9 AI score, 0.03342 EPSS
Exploits 1

OpenVAS
added 2021/06/28 12:00 a.m., 32 views

Fedora: Security Advisory for openssh (FEDORA-2021-1d3698089d)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1 CVSS, 7.1 AI score, 0.03422 EPSS
Exploits 1, References 2

IBM Security Bulletins
added 2021/06/25 4:46 p.m., 41 views

Security Bulletin: Vulnerabilities in OpenSSH affect GPFS V3.5 for Windows (CVE-2016-0777, CVE-2016-0778)

Summary: An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects OpenSSH for GPFS V3.5. Vulnerability Details: CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by a client...

8.1 CVSS, 0.4 AI score, 0.63468 EPSS
Exploits 3, Affected Software 1

IBM Security Bulletins
added 2021/06/25 4:46 p.m., 147 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM GPFS for Windows (CVE-2015-4000)

Summary: The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM GPFS for Windows V3.5. Vulnerability Details: CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properl...

4.3 CVSS, 4.5 AI score, 0.9986 EPSS
Exploits 1, Affected Software 1

OpenVAS
added 2021/06/25 12:00 a.m., 25 views

SUSE: Security Advisory (SUSE-SU-2021:2161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 6.4 AI score, 0.00399 EPSS
Exploits 2, References 6

Kitploit
added 2021/06/24 12:30 p.m., 262 views

Shreder - A Powerful Multi-Threaded SSH Protocol Password Bruteforce Tool

Shreder is a powerful multi-threaded SSH protocol password brute-force tool. Features: Very fast password guessing, just one password in 0.1 second. Optimized for big password lists, Shreder tries 1000 passwords in 1 minute and 40 seconds. Simple CLI and API usage. Installation: pip3 install...

7.4 AI score
Exploits 0, References 1

CNVD
added 2021/06/24 12:00 a.m., 5 views

Accellion Kiteworks Elevation of Privilege Vulnerability

Accellion kiteworks is a next-generation mobile file sharing and collaboration platform that improves enterprise productivity and security. An elevation of privilege vulnerability exists in Accellion Kiteworks versions prior to 7.3.1. An attacker can exploit this vulnerability to access SSH...

6.7 CVSS, 6.9 AI score, 0.00934 EPSS
Exploits 0, References 1

NVD
added 2021/06/23 12:15 p.m., 16 views

CVE-2021-31585

Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access...

6.7 CVSS, 0.00934 EPSS
Exploits 0, References 2