Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14823 matches found

NVD
NVDadded 2025/04/17 4:15 p.m.13 views

CVE-2025-43012

In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...

9.8CVSS0.00663EPSS
Exploits0References1
NVD
NVDadded 2025/04/17 4:15 p.m.17 views

CVE-2025-42921

In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin...

6.5CVSS0.00161EPSS
Exploits0References1
NVD
NVDadded 2025/04/17 4:15 p.m.16 views

CVE-2025-43013

In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible...

7.5CVSS0.00134EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/17 3:56 p.m.9 views

CVE-2025-43012

In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...

8.3CVSS0.00663EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/04/17 3:56 p.m.10 views

CVE-2025-43014

In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation...

6.1CVSS6.3AI score0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/04/17 3:56 p.m.7 views

CVE-2025-43012

In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible...

8.3CVSS7.5AI score0.00663EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/04/17 3:56 p.m.9 views

CVE-2025-43013

In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible...

6.9CVSS6.9AI score0.00134EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/17 3:56 p.m.13 views

CVE-2025-43013

In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible...

6.9CVSS0.00134EPSS
Exploits0References1
CVE
CVEadded 2025/04/17 3:56 p.m.65 views

CVE-2025-43012

JetBrains Toolbox App prior to version 2.6 is affected by a vulnerability in the SSH plugin that enables command injection due to improper input handling. Reported as CVE-2025-43012, the issue can permit arbitrary code execution with network access and no user interaction required, as reflected b...

9.8CVSS7.5AI score0.00663EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2025/04/17 3:56 p.m.68 views

CVE-2025-43014

CVE-2025-43014 affects JetBrains Toolbox App prior to 2.6, specifically the SSH plugin, which established connections without sufficient user confirmation. The available connected documents confirm this vulnerability exists in versions before 2.6 and describe the issue as a lack of proper user va...

6.5CVSS7AI score0.00184EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2025/04/17 3:56 p.m.66 views

CVE-2025-43013

JetBrains Toolbox App prior to version 2.6 is affected by CVE-2025-43013 due to unencrypted credential transmission during SSH authentication. The issue is documented across multiple sources (Red Hat, NVD, CNVD, Nessus plugin, and PT Security) and is tied specifically to the SSH plugin’s handling...

7.5CVSS7.2AI score0.00134EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/04/17 3:56 p.m.16 views

CVE-2025-43014

In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation...

6.1CVSS0.00184EPSS
Exploits0References1
CVE
CVEadded 2025/04/17 3:56 p.m.56 views

CVE-2025-42921

JetBrains Toolbox App has a CVE-2025-42921 vulnerability affecting versions prior to 2.6, caused by missing host key verification in the SSH plugin. Multiple connected sources corroborate that the SSH plugin’s host key verification is absent, enabling potential subversion of SSH authenticity. Aff...

6.5CVSS7AI score0.00161EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/04/17 3:56 p.m.9 views

CVE-2025-42921

In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin...

4.2CVSS4.6AI score0.00161EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/17 3:56 p.m.10 views

CVE-2025-42921

In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin...

4.2CVSS0.00161EPSS
Exploits0References1
Ubuntu
Ubuntuadded 2025/04/17 2:4 p.m.88 views

USN-7443-1: Erlang vulnerability

Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrect handled authentication. A remote attacker could use this issue to execute arbitrary commands without authentication, possibly leading to a system compromise...

10CVSS8.4AI score0.97673EPSS
Exploits36
The Hacker News
The Hacker Newsadded 2025/04/17 10:32 a.m.29 views

Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution

A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform OTP SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. The vulnerability, tracked as CVE-2025-32433 , has been given the maximum CVSS...

10CVSS9.9AI score0.97673EPSS
Exploits36
NVD
NVDadded 2025/04/17 7:15 a.m.14 views

CVE-2025-2903

An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform GCP using the OS Login feature, can login via SSH gaining command-line control of the operating system. This allows an attacker to gain access to sensitive data stored on the VM, install malicious...

8.5CVSS0.00166EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/17 6:50 a.m.24 views

CVE-2025-2903 Privilege Chaining in Delphix

An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform GCP using the OS Login feature, can login via SSH gaining command-line control of the operating system. This allows an attacker to gain access to sensitive data stored on the VM, install malicious...

8.5CVSS0.00166EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/04/17 6:50 a.m.5 views

CVE-2025-2903 Privilege Chaining in Delphix

An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform GCP using the OS Login feature, can login via SSH gaining command-line control of the operating system. This allows an attacker to gain access to sensitive data stored on the VM, install malicious...

8.5CVSS6.5AI score0.00166EPSS
Exploits0References1
Rows per page
Query Builder