Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
73 Github repositories
4 Articles
10
CVSSv3
CVE-2023-29131
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of an incorrect default value in the SSH configuration. This could allow an malicious user to bypass network isolation.
Siemens Simatic Cn 4100
10
CVSSv3
CVE-2022-4390
A network misconfiguration is present in versions before 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, the...
Netgear Ax2400 Firmware
10
CVSSv3
CVE-2020-1614
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an malicious user to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the V...
Juniper Junos
Juniper Junos 19.2
10
CVSSv3
CVE-2020-6961
In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X, a vulnerability exists in the affected ...
Gehealthcare Apexpro Telemetry Server Firmware
Gehealthcare Carescape Central Station Mai700 Firmware 1.0
Gehealthcare Carescape Central Station Mas700 Firmware 1.0
Gehealthcare Clinical Information Center Mp100d Firmware 4.0
Gehealthcare Clinical Information Center Mp100d Firmware 5.0
Gehealthcare Clinical Information Center Mp100r Firmware 4.0
Gehealthcare Clinical Information Center Mp100r Firmware 5.0
Gehealthcare Carescape Telemetry Server Mp100r Firmware
Gehealthcare Carescape Telemetry Server Mp100r Firmware 4.3
10
CVSSv3
CVE-2016-9335
A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmware Version 5.0.190. Vulnerable versions of Stride-Managed Ethernet switches and ...
Redlion Sixnet-managed Industrial Switches Firmware
Redlion Stride-managed Ethernet Switches Firmware
10
CVSSv3
CVE-2017-7722
In SolarWinds Log & Event Manager (LEM) prior to 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the me...
Solarwinds Log \\& Event Manager 6.3.1
9.9
CVSSv3
CVE-2023-28110
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko ca...
Fit2cloud Koko -
Fit2cloud Jumpserver
9.8
CVSSv3
CVE-2024-21653
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH ...
Vantage6 Vantage6
9.8
CVSSv3
CVE-2023-48251
The vulnerability allows a remote malicious user to authenticate to the SSH service with root privileges through a hidden hard-coded account.
Bosch Nexo-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »