CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2024/08/01 4:15 p.m.•15 views

CVE-2024-41264

An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...

7.5CVSS0.00073EPSS

Exploits0References1

Cvelist•added 2024/08/01 12:0 a.m.•14 views

CVE-2024-41264

An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey method...

0.00073EPSS

Exploits0References1

CVE•added 2024/08/01 12:0 a.m.•48 views

CVE-2024-41264

The connected sources confirm a vulnerability in casdoor v1.636.0 where ssh.InsecureIgnoreHostKey() disables host key verification, enabling attackers to obtain sensitive information. The issue is described across multiple feeds (Red Hat, OSV, Veracode, GHSA, CNNVD, CVE records) with consistent d...

7.5CVSS6.4AI score0.00073EPSS

Exploits0References1Affected Software1

Veracode•added 2024/07/04 7:46 a.m.•11 views

Authentication Bypass

github.com/ginuerzh/gost is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of the HostKeyCallback function. An attacker can intercept communications by setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey...

9.8CVSS6.8AI score0.00063EPSS

Exploits0References3Affected Software1

OSV•added 2024/07/03 3:15 p.m.•9 views

CVE-2024-39223

An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey...

9.8CVSS7.4AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by