CVE-2025-48413 Hard-coded OS root credentials in eCharge Hardy Barth cPH2 / cPP2 charging stations

The /etc/passwd and /etc/shadow files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device...

PT-2025-22342

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description The issue concerns hard-coded password hashes for the operating system "root" user, which are shipped with update files and cannot be deleted or changed by end-users. An attacker can use these...

PT-2025-22344

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description A USB backdoor feature can be triggered by attaching a USB drive containing specially crafted salia.ini files. These files can contain commands that an attacker could exploit to export or modi...

Infoblox NIOS Terrapin Attack (000009589)

The version of Infoblox NIOS installed on the remote host is affected by a vulnerability in OpenSSH. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted fr...

MGASA-2025-0158 Updated dropbear packages fix security vulnerability

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...

Updated dropbear packages fix security vulnerability

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...

Alibaba Cloud Linux 3 : 0014: libssh (ALINUX3-SA-2024:0014)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0014 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-48795: The SSH transport protocol with...

Update Rollup 3 for System Center 2022 Orchestrator

Update Rollup 3 for System Center 2022 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center Orchestrator 2022. This article also contains the installation instructions for this update. Issues that are fixed Read Line activity...

golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh

A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange...

golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh

A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange...

Important: Red Hat Security Advisory: gvisor-tap-vsock security update

An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

OpenPubkey 安全漏洞

OpenPubkey is an OpenPubkey reference implementation of OpenPubkey open source. A security vulnerability exists in OpenPubkey versions prior to 0.10.0 and OPKSSH versions prior to 0.5.0, which stems from a specially crafted JWS that can bypass signature verification and may result in bypassing...

ALSA-2025:7462 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144...

ALSA-2025:7484 Important: gvisor-tap-vsock security update

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of...

RHEL 9 : podman (RHSA-2025:7391)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7391 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use contain...

About Remote Code Execution – Erlang/OTP (CVE-2025-32433) vulnerability

About Remote Code Execution - Erlang/OTP CVE-2025-32433 vulnerability. Erlang is a programming language used to build massively scalable soft real-time systems with requirements for high availability. Used in telecom, banking, e-commerce, telephony, and messaging. OTP is a set of Erlang libraries...

CVE-2025-28202

Incorrect access control in Victure RX1800 ENV1.0.0r12110933 allows attackers to enable SSH and Telnet services without authentication...

CVE-2025-46712

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...

CVE-2025-36546

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH...