CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/01/14 12:18 a.m.•4 views

CVE-2024-54855

fabricators Ltd Vanilla OS 2 Core image v1.1.0 was discovered to contain static keys for the SSH service, allowing attackers to possibly execute a man-in-the-middle attack during connections with other hosts...

6.4CVSS7.4AI score0.00069EPSS

Exploits1References1

NVD•added 2026/01/13 4:15 p.m.•1 views

CVE-2024-54855

6.4CVSS0.00069EPSS

Exploits1References3

CVE•added 2026/01/13 12:0 a.m.•7 views

CVE-2024-54855

The CVE affects Vanilla OS 2 Core image v1.1.0, where SSH service uses static keys baked into the image. This root cause enables potential man‑in‑the‑middle attacks on SSH connections to other hosts. Documented across NVD/Red Hat/CNNVD/CVE listings; no explicit remediation or patch version is pro...

6.4CVSS7AI score0.00069EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/01/13 12:0 a.m.•2 views

CVE-2024-54855

7AI score0.00069EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-30231

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02351EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:50 p.m.•3 views

CVE-2022-25569

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

9.8CVSS7.4AI score0.02351EPSS

Exploits1References1

CVE•added 2025/03/19 12:0 a.m.•46 views

CVE-2025-30234

SmartOS (as used in Triton Data Center and related products) is affected by CVE-2025-30234 due to static host SSH keys embedded in the 60f76fd2-143f-4f57-819b-1ae32684e81b image (a Debian 12 LX zone image from 2024-07-26). The issue is tied to the presence of static host keys in the image, with C...

8.3CVSS7AI score0.00126EPSS

Exploits0References3

NVD•added 2023/08/22 7:16 p.m.•10 views

CVE-2023-37426

EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were found to have shared static SSH host keys for all installations. This vulnerability could allow an attacker to spoof the SSH host signature and thereby masquerade as a legitimate Orchestrator host...

7.5CVSS7.4AI score0.00309EPSS

Exploits0References1

ATTACKERKB•added 2022/04/04 6:15 p.m.•2 views

CVE-2022-25569

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

9.8CVSS5.4AI score0.02351EPSS

Exploits1References2

Cvelist•added 2022/04/04 5:23 p.m.•12 views

CVE-2022-25569

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

9.7AI score0.02351EPSS

Exploits1References1