OPENSUSE-SU-2024:10464-1 pam_ssh-2.1-1.7 on GA media

These are all security issues fixed in the pamssh-2.1-1.7 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13530-1 ssh-audit-3.1.0-1.1 on GA media

These are all security issues fixed in the ssh-audit-3.1.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2024-21988

StorageGRID formerly StorageGRID Webscale versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation...

CVE-2024-21988

CVE-2024-21988 affects NetApp StorageGRID (formerly StorageGRID Webscale). Versions prior to 11.7.0.9 and 11.8.0.5 are vulnerable due to a flaw in the SSH cryptographic implementation that enables disclosure of sensitive information in complex Man‑in‑the‑Middle attacks. The root cause is tied to ...

CVE-2024-21988 CVE-2024-21988 SSH Cryptographic Implementation Vulnerability in StorageGRID (formerly StorageGRID Webscale)

StorageGRID formerly StorageGRID Webscale versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation...

CVE-2024-21988 CVE-2024-21988 SSH Cryptographic Implementation Vulnerability in StorageGRID (formerly StorageGRID Webscale)

StorageGRID formerly StorageGRID Webscale versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

CVE-2024-5313

CVE-2024-5313 is associated with Schneider Electric EVlink Home Smart chargers. Public sources describe a CWE-668 “Exposure of the Resource Wrong Sphere” issue where an SSH interface is exposed on the product network interface. Affected versions include EVlink Home Smart v2.0.4.1.2_131 and v2.0.3...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

Ubuntu: Security Advisory (USN-6820-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-5813

A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...

CVE-2024-5813 SSH Private Key Leak in BeyondInsight PasswordSafe

A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...

CVE-2024-5813

CVE-2024-5813 affects BeyondInsight Password Safe (BIPS). An authenticated attacker with high privileges can exploit an information leak in the server response to access SSH private keys, exposing highly sensitive material. The vulnerability targets the confidentiality of SSH keys via a disclosur...

[SECURITY] Fedora 40 Update: podman-tui-1.1.0-1.fc40

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

BeyondInsight Information Disclosure Vulnerability

BeyondInsight is a Privileged Access Management PAM reporting platform from BeyondTrust USA. An information disclosure vulnerability exists in BeyondInsight Password Safe, which originates from an authenticated attacker with elevated privileges who can access SSH private keys via information...

Fedora: Security Advisory (FEDORA-2024-e383f723a9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-49222

Precor touchscreen console P82 contains a private SSH key that corresponds to a default public key. A remote attacker could exploit this to gain root privileges...

CVE-2023-49222

Precor touchscreen console P82 contains a private SSH key that corresponds to a default public key. A remote attacker could exploit this to gain root privileges...