Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Amazon Linux 2 : docker, --advisory ALAS2ECS-2026-094 (ALASECS-2026-094)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-094 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the progr...

Azure Linux 3.0 Security Update: wireshark (CVE-2023-6174)

The version of wireshark installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6174 advisory. - SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-47913)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-47913 advisory. - SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause ear...

PT-2026-3932

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.12 Description A flaw exists in Sangfor Operation and Maintenance Management System. This issue is related to the SessionController function within the SSH Protocol Handler...

Soft Serve security vulnerability

Soft Serve is a self-hosted command-line Git server developed by Charm. Versions of Soft Serve prior to 0.11.2 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing attackers to provide the victim’s public key during the SSH handshake phase,...

Authentication Bypass by Alternate Name

Overview Affected versions of this package are vulnerable to Authentication Bypass by Alternate Name via the SSH authentication process. An attacker can gain unauthorized access and impersonate any user, including administrative accounts, by presenting a victim's public key during the SSH handsha...

CVE-2021-47871

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...

CVE-2021-47871

CVE-2021-47871 affects Hestia Control Panel 1.3.2. An authenticated attacker can exploit the API endpoint index.php via the v-make-tmp-file command to perform arbitrary file writes, potentially placing SSH keys or other content at arbitrary server paths. Impact is high for confidentiality, integr...

CVE-2021-47871 Hestia Control Panel 1.3.2 - Arbitrary File Write

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2026:0753)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0753 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the preceding...

PT-2026-4297

Name of the Vulnerable Software and Affected Versions Soft Serve versions 0.11.2 and below Description Soft Serve, a self-hostable Git server, contains a critical flaw that allows an attacker to impersonate any user, including administrators. This is achieved by presenting the victim's public key...

CLSA-2026-1768930687 podman: Fix of CVE-2025-47913

CVE-2025-47913: fix ssh/agent client panic on unexpected message types...

MiracleLinux 7 : openssh-7.4p1-23.el7 (AXSA:2023-6280:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6280:07 advisory. openssh: Remote code execution in ssh-agent PKCS11 support CVE-2023-38408 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 8 : cloud-init-19.4-1.el8.7 (AXSA:2020-635:05)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-635:05 advisory. cloud-init: default configuration disabled deletion of SSH host keys CVE-2018-10896 The default cloud-init configuration, in cloud-init 0.6.2 and newer,...

MiracleLinux 8 : container-tools:4.0 (AXSA:2022-4429:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4429:01 advisory. cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 golang: crash in a golang.org/x/crypto/ssh server CVE-2022-27191 runc...

MiracleLinux 8 : openssh-8.0p1-19.el8 (AXSA:2023-6282:09)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6282:09 advisory. openssh: Remote code execution in ssh-agent PKCS11 support CVE-2023-38408 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 9 : openssh-8.7p1-30.el9 (AXSA:2023-6281:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6281:08 advisory. openssh: Remote code execution in ssh-agent PKCS11 support CVE-2023-38408 Tenable has extracted the preceding description block directly from the MiracleLinu...

CLSA-2026-1768815869 buildah: Fix of CVE-2025-47913

CVE-2025-47913: prevent ssh-agent panic by rejecting unexpected message types and returning a descriptive error instead...

container-tools:rhel8 security update

An update is available for module.crun, fuse-overlayfs, module.slirp4netns, python-podman, module.runc, container-selinux, module.podman, module.udica, module.aardvark-dns, module.fuse-overlayfs, cockpit-podman, aardvark-dns, module.conmon, containers-common, libslirp, criu,...