Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2016-1984
The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices prior to 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote malicious users to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015...
Harman Amx Firmware 1.3.100
Harman Amx Firmware 1.2.322
890
VMScore
CVE-2015-6476
Advantech EKI-122x-BE devices with firmware prior to 1.65, EKI-132x devices with firmware prior to 1.98, and EKI-136x devices with firmware prior to 1.27 have hardcoded SSH keys, which makes it easier for remote malicious users to obtain access via an SSH session.
Advantech Eki-1322 Series Firmware
Advantech Eki-1321 Series Firmware
Advantech Eki-1361 Series Firmware
Advantech Eki-1362 Series Firmware
Advantech Eki-122x Series Firmware
890
VMScore
CVE-2015-2897
Sierra Wireless ALEOS prior to 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote malicious users to obtain administrative access via a (1) SSH or (2) TELNET session.
Sierrawireless Aleos
890
VMScore
CVE-2014-2198
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software prior to 4.4.2 has a hardcoded SSH private key, which makes it easier for remote malicious users to obtain access to the support and root accounts by extracting this key from a binary file found in...
Cisco Unified Cdm Platform Software
Cisco Unified Communications Domain Manager -
890
VMScore
CVE-2014-4152
The av-centerd SOAP service in AlienVault OSSIM prior to 4.8.0 allows remote malicious users to execute arbitrary code via a crafted remote_task request, related to injecting an ssh public key.
Alienvault Open Source Security Information Management 4.6.1
Alienvault Open Source Security Information Management 4.0
Alienvault Open Source Security Information Management 4.6
Alienvault Open Source Security Information Management 4.5
Alienvault Open Source Security Information Management 4.4
Alienvault Open Source Security Information Management 4.3.3
Alienvault Open Source Security Information Management
890
VMScore
CVE-2013-6838
An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows r...
Enghouseinteractive Ivr Pro 9.0.3
890
VMScore
CVE-2013-3594
The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote malicious users to cause a denial of service (device reset) or possibly execute arbitrary code by sending many packets to TCP port 22.
Dell Powerconnect 3524p 2.0.0.48
Dell Powerconnect 5324 2.0.1.4
Dell Powerconnect 3348 1.2.1.3
890
VMScore
CVE-2013-4437
Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."
Saltstack Salt 0.17.0
890
VMScore
CVE-2013-4652
Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware prior to 4.5.4 allows remote malicious users to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection.
Siemens Scalance W700 Series Firmware
Siemens Scalance W788-1rr -
Siemens Scalance W788-2rr -
Siemens Scalance W744-1pro -
Siemens Scalance W746-1pro -
Siemens Scalance W747-1rr -
Siemens Scalance W786-2pro -
Siemens Scalance W747-1 -
Siemens Scalance W788-2pro -
Siemens Scalance W786-3pro -
Siemens Scalance W784-1 -
Siemens Scalance W784-1rr -
Siemens Scalance W744-1 -
Siemens Scalance W786-1pro -
Siemens Scalance W786-2rr -
Siemens Scalance W746-1 -
Siemens Scalance W788-1pro -
890
VMScore
CVE-2013-0137
The default configuration of the Digital Alert Systems DASDEC EAS device prior to 2.0-2 and the Monroe Electronics R189 One-Net EAS device prior to 2.0-2 contains a known SSH private key, which makes it easier for remote malicious users to obtain root access, and spoof alerts, vi...
Digital Alert Systems Dasdec Eas
Monroe Electronics R189 One-net Eas 2.0-0
Monroe Electronics R189 One-net Eas
Digital Alert Systems Dasdec Eas 2.0-0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »