14907 matches found

Veracode
added 2021/04/29 11:57 p.m., 12 views

Man-in-the-Middle (MitM)

ansible is vulnerable to man-in-the-middle attacks. The vulnerability exists because the Git module encourages the use of StrictHostKeyChecking=no with SSH, enabling attackers to intercept the traffic...

4.4 AI score
Exploits: 0
Metasploit
added 2021/04/29 5:41 p.m., 49 views

Micro Focus Operations Bridge Reporter shrboadmin default password

This module abuses a known default password on Micro Focus Operations Bridge Reporter. The 'shrboadmin' user, installed by default by the product has the password of 'shrboadmin', and allows an attacker to login to the server via SSH. This module has been tested with Micro Focus Operations Bridge...

9.8 CVSS, 9.3 AI score, 0.15776 EPSS
Exploits: 3
NVD
added 2021/04/29 3:15 p.m., 25 views

CVE-2020-21995

Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...

9.8 CVSS, 0.02023 EPSS
Exploits: 0, References: 2
Prion
added 2021/04/29 3:15 p.m., 19 views

Hardcoded credentials

Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system...

7.5 CVSS, 9.5 AI score, 0.02023 EPSS
Exploits: 0, References: 2, Affected Software: 6
CVE
added 2021/04/29 2:10 p.m., 46 views

CVE-2020-21995

CVE-2020-21995 affects INIM Electronics SmartLiving SmartLAN/G/SI devices (affected <= 6.x). Root cause is hard-coded credentials embedded in the Linux distribution image, enabling an attacker to access Telnet, SSH, and FTP. Affected models include SmartLiving 505, 515, 1050/1050/G3, 10100L/10...

9.8 CVSS, 9.5 AI score, 0.02023 EPSS
Exploits: 0, References: 2, Affected Software: 1
Veracode
added 2021/04/29 12:14 p.m., 27 views

Authentication Bypass

salt is vulnerable to authentication bypass. The salt-netapi improperly validates eauth credentials and tokens, allowing an attacker to bypass authentication and invoke Salt SSH...

9.8 CVSS, 3.9 AI score, 0.57453 EPSS
Exploits: 3, References: 12, Affected Software: 1
Hacker One
added 2021/04/27 7:40 p.m., 17 views

Uber: pam_ussh does not properly validate the SSH certificate authority

The pam_ussh module that Uber open-sourced in https://github.com/uber/pam-ussh does not validate that the SSH certificate presented by a user is actually signed by a trusted CA listed in the configured cafile...

0.6 AI score
Exploits: 0
OpenVAS
added 2021/04/26 12:00 a.m., 26 views

SUSE: Security Advisory (SUSE-SU-2021:1251-1)

The remote host is missing an update for the...

7.8 CVSS, 7 AI score, 0.00358 EPSS
Exploits: 0, References: 6
Kitploit
added 2021/04/24 9:30 p.m., 226 views

OverRide - Binary Exploitation And Reverse-Engineering (From Assembly Into C)

Explore disassembly, binary exploitation & reverse-engineering through 10 little challenges. In the folder for each level you will find: flag - password for next level README.md - how to find password source.c - the reverse engineered binary dissasemblynotes.md - notes on asm See the subject...

7.7 AI score
Exploits: 0, References: 14
RedHat Linux
added 2021/04/22 9:08 p.m., 111 views

Moderate: Red Hat Security Advisory: Ansible security update (2.9.20)

An update for ansible is now available for Ansible Engine 2.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

5.5 CVSS, 6.9 AI score, 0.00333 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2021/04/22 9:07 p.m., 104 views

Moderate: Red Hat Security Advisory: Ansible security update (2.9.20)

An update for ansible is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...

5.5 CVSS, 6.9 AI score, 0.00333 EPSS
Exploits: 0, References: 2
GithubExploit
added 2021/04/22 2:00 p.m., 72 views

Exploit for Path Traversal in Vmware Cloud_Foundation

vsphereyeeter.sh is an automated bash script to exploit vuln...

10 CVSS, 10 AI score, 0.9957 EPSS
Exploits: 47
Tenable Nessus
added 2021/04/22 12:00 a.m., 35 views

RHEL 7 / 8 : Ansible security update (2.9.20) (Moderate) (RHSA-2021:1342)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1342 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and do...

5.5 CVSS, 7.3 AI score, 0.00333 EPSS
Exploits: 0, References: 5
OpenVAS
added 2021/04/21 12:00 a.m., 7 views

Huawei Data Communication: A proper timeout interval must be configured for the VTY

Configure the SSH/telnet login session of the VTY to not time out...

7.3 AI score
Exploits: 0
OpenVAS
added 2021/04/21 12:00 a.m., 8 views

Huawei Data Communication: Configuring Secure User Authentication Modes and Permission Levels

Configure user rights in the user-interface VTY view. In password authentication mode, this permission is the actual login permission. In AAA authentication mode, this parameter takes effect if no user rights are configured on the AAA server. Configuring password authentication on the VTY is...

7.6 AI score
Exploits: 0
OpenVAS
added 2021/04/21 12:00 a.m., 6 views

Huawei Data Communication: VTY allows Telnet login, which is risky

VTY allows Telnet login, which is risky...

7.3 AI score
Exploits: 0
IBM Security Bulletins
added 2021/04/19 9:38 p.m., 11 views

Security Bulletin: Resilient - Permitting use of outdated ciphers for SSH (CVE-2016-6063)

Summary: The default Debian Linux configuration of SSH includes outdated ciphers that...

0.6 AI score
Exploits: 0, Affected Software: 1
NVD
added 2021/04/19 2:15 p.m., 17 views

CVE-2021-20989

Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH connections to the Fibaro cloud to provide remote access and remote support capabilities. This connection can be intercepted using DNS spoofing attack and a device initiated remote port-forward channel can be...

5.9 CVSS, 0.01983 EPSS
Exploits: 3, References: 3
OSV
added 2021/04/19 2:15 p.m., 5 views

CVE-2021-20989

Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH connections to the Fibaro cloud to provide remote access and remote support capabilities. This connection can be intercepted using DNS spoofing attack and a device initiated remote port-forward channel can be...

5.9 CVSS, 6.8 AI score, 0.01983 EPSS
Exploits: 3, References: 3
Prion
added 2021/04/19 2:15 p.m., 17 views

Authorization

Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH connections to the Fibaro cloud to provide remote access and remote support capabilities. This connection can be intercepted using DNS spoofing attack and a device initiated remote port-forward channel can be...

4.3 CVSS, 6.6 AI score, 0.01983 EPSS
Exploits: 3, References: 3, Affected Software: 2