Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

RHEL 6 : libssh2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libssh2: Out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862 - A...

RLSA-2024:4457 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Possible remote code execution due to a race condition in signal handling affecting...

CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool

A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a tenfold surge, adding it includes "mass...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

Collateral Damage Collateral Damage is a kernel exploit for Xb...

How to Configure XenServer to Send System Alerts through Authenticated SMTP Servers

This article describes how to configure XenServer to send system alerts through SMTP servers that require authentication. Requirements Administrative access to a XenServer host console either directly, through SSH, or by using theConsoletab in XenCenter. Background Customers can configure XenServ...

CBL Mariner 2.0 Security Update: libgit2 / rust (CVE-2023-22742)

The version of libgit2 / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-22742 advisory. - libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with t...

libgit2 fails to verify SSH keys by default

...

Exploit for Code Injection in Vmware Cloud_Foundation

CVE-2024-22274 - Run and input host ip, port, username and p...

Cactus Ransomware: New strain in the market

Cactus Ransomware: New strain in the market By Aishwarya Gentyal · July 11, 2024 Ransomware malware has been around for many years now and it continues to dominate the headlines. It's an attacker's top choice for cyber extortion and is one of the most active and profound threats facing...

CVE-2024-39562

A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon sshd instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service DoS by blocking SSH access for legitimate...

CVE-2024-39562 Junos OS Evolved: A high rate of SSH connections causes a Denial of Service

A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon sshd instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service DoS by blocking SSH access for legitimate...

CVE-2024-39562

Junos OS Evolved is affected by CVE-2024-39562 due to a Missing Release of Resource after Effective Lifetime in the xinetd process, which can crash and leave defunct sshd processes under high concurrent SSH load. This denial-of-service blocks SSH access and dependent SSH services (SFTP, Netconf o...

CVE-2024-39562 Junos OS Evolved: A high rate of SSH connections causes a Denial of Service

A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon sshd instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service DoS by blocking SSH access for legitimate...

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

openSUSE Security Advisory (SUSE-SU-2024:2275-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALSA-2024:4457 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Possible remote code execution due to a race condition in signal handling affecting...

Exploit for Race Condition in Openbsd Openssh

CVE-2024-6387 Vulnerability Checker Overview This Python...

Siemens RUGGEDCOM APE 1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVE-2024-6580

The /n software IPWorks SSH library SFTPServer component can be induced to make unintended filesystem or network path requests when loading a SSH public key or certificate. To be exploitable, an application calling the SFTPServer component must grant user access without verifying the SSH public k...