14823 matches found
CVE-2025-2903
CVE-2025-2903 concerns Google Cloud Platform OS Login, where an attacker who can create user accounts during VM deployment can SSH into a VM and gain command-line control of the OS. The consolidated evidence across Red Hat, NVD, and related feeds states that exploitation leads to access to data o...
JetBrains Toolbox App Security Vulnerability
JetBrains Toolbox App is an application for managing JetBrains development tools, providing the ability to install, update and manage multiple JetBrains tools. A security vulnerability exists in JetBrains Toolbox App that stems from the lack of authentication of the host key in the SSH plugin. An...
JetBrains Toolbox App Security Vulnerability
JetBrains Toolbox App is an application for managing and updating JetBrains development tools. A security vulnerability exists in JetBrains Toolbox App that stems from a lack of sufficient user validation when establishing a connection. An attacker could exploit the vulnerability to establish an...
PT-2025-17197 · Jetbrains · Jetbrains Toolbox App
Name of the Vulnerable Software and Affected Versions: JetBrains Toolbox App versions prior to 2.6 Description: The issue concerns missing host key verification in the SSH plugin. Recommendations: For versions prior to 2.6, update to version 2.6 or later to resolve the issue...
PT-2025-17198 · Jetbrains · Ssh Plugin +1
Name of the Vulnerable Software and Affected Versions: JetBrains Toolbox App versions prior to 2.6 Description: The issue concerns command injection in the SSH plugin. Recommendations: For versions prior to 2.6, update to version 2.6 or later to resolve the issue...
PT-2025-17200 · Jetbrains · Jetbrains Toolbox App
Name of the Vulnerable Software and Affected Versions: JetBrains Toolbox App versions prior to 2.6 Description: The issue concerns the SSH plugin in the JetBrains Toolbox App, which established connections without sufficient user confirmation. Recommendations: For versions prior to 2.6, update to...
PT-2025-17199 · Jetbrains · Jetbrains Toolbox App
Name of the Vulnerable Software and Affected Versions: JetBrains Toolbox App versions prior to 2.6 Description: The issue concerns unencrypted credential transmission during SSH authentication. Recommendations: For versions prior to 2.6, update to version 2.6 or later to resolve the issue...
AZL-60583 CVE-2025-32433 affecting package erlang for versions less than 25.3.2.20-1
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
CVE-2025-32433
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
CVE-2025-32433 Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
CVE-2025-32433 Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
CVE-2025-32433
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
CVE-2025-32433
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
CVE-2025-32433 Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
CVE-2025-32433
The CVE-2025-32433 issue affects Erlang/OTP’s SSH server and is caused by a flaw in SSH message handling during authentication, enabling an unauthenticated attacker to execute arbitrary commands with the SSH daemon’s privileges (potentially root). Affected OTP versions include OTP-27.3.2?3, OTP-2...
Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server
Description: This update fixes the following issues: proxy-helm: Version 5.0.12: Image rebuilt to the newest version with updated dependencies. proxy-httpd-image: Version 5.0.10: Fixed wrong IP address set on susemanager-tftpsync-recv.conf; Image rebuilt to the newest version with updated...
CVE-2023-38994
The 'checkuniventionjoinstatus' Prometheus monitoring script and other scripts in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list, allowing attackers with local SSH access to gain higher privileges and perform follow-up attacks. By default, the configuratio...
CVE-2025-32433
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
PT-2025-16905
Name of the Vulnerable Software and Affected Versions: Erlang/OTP versions prior to OTP-27.3.3; Erlang/OTP versions prior to OTP-26.2.5.11; Erlang/OTP versions prior to OTP-25.3.2.20. Description: A critical flaw in the SSH protocol implementation of the Erlang/OTP library allows unauthenticated remot...
Erlang -- Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
[email protected] reports: Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protoc...