Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2019-7265
Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 EDB exploit
1000
VMScore
CVE-2018-16158
Eaton Power Xpert Meter 4000, 6000, and 8000 devices prior to 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote malicious users to perform SSH logins (to uid 0) ...
Eaton Power Xpert Meter 4000 Firmware
Eaton Power Xpert Meter 6000 Firmware
Eaton Power Xpert Meter 8000 Firmware
1000
VMScore
CVE-2018-6000
An issue exists in AsusWRT prior to 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows malicious users to set the admin password and launch an SSH daemon (or enable i...
Asus Asuswrt
2 EDB exploits
1000
VMScore
CVE-2017-18001
Trustwave Secure Web Gateway (SWG) up to and including 11.8.0.27 allows remote malicious users to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
Trustwave Secure Web Gateway
1 EDB exploit
1000
VMScore
CVE-2017-7494
Samba since version 3.5.0 and prior to 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits
2 Nmap scripts
124 Github repositories
3 Articles
1000
VMScore
CVE-2016-1560
ExaGrid appliances with firmware prior to 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote malicious users to obtain administrative access via an SSH or HTTP session.
Exagrid Ex3000 Firmware 4.8
Exagrid Ex5000 Firmware 4.8
Exagrid Ex7000 Firmware 4.8
Exagrid Ex10000e Firmware 4.8
Exagrid Ex13000e Firmware 4.8
Exagrid Ex21000e Firmware 4.8
Exagrid Ex32000e Firmware 4.8
Exagrid Ex40000e Firmware 4.8
1 EDB exploit
1000
VMScore
CVE-2017-7722
In SolarWinds Log & Event Manager (LEM) prior to 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the me...
Solarwinds Log \\& Event Manager 6.3.1
1000
VMScore
CVE-2017-3881
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Manag...
Cisco Ios
Cisco Ios Xe
2 EDB exploits
6 Github repositories
2 Articles
1000
VMScore
CVE-2016-7456
VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote malicious users to obtain login access via an SSH session.
Vmware Vsphere Data Protection 6.1.3
Vmware Vsphere Data Protection 5.5.5
Vmware Vsphere Data Protection 5.5.6
Vmware Vsphere Data Protection 5.5.7
Vmware Vsphere Data Protection 6.0.4
Vmware Vsphere Data Protection 5.5.1
Vmware Vsphere Data Protection 5.8.0
Vmware Vsphere Data Protection 5.8.1
Vmware Vsphere Data Protection 5.8.2
Vmware Vsphere Data Protection 5.8.3
Vmware Vsphere Data Protection 5.8.4
Vmware Vsphere Data Protection 6.1.0
Vmware Vsphere Data Protection 6.1.2
Vmware Vsphere Data Protection 5.5.8
Vmware Vsphere Data Protection 5.5.10
Vmware Vsphere Data Protection 6.0.0
Vmware Vsphere Data Protection 6.0.2
Vmware Vsphere Data Protection 6.1.1
Vmware Vsphere Data Protection 5.5.9
Vmware Vsphere Data Protection 5.5.11
Vmware Vsphere Data Protection 6.0.1
Vmware Vsphere Data Protection 6.0.3
1000
VMScore
CVE-2016-1909
Fortinet FortiAnalyzer prior to 5.0.12 and 5.2.x prior to 5.2.5; FortiSwitch 3.3.x prior to 3.3.3; FortiCache 3.0.x prior to 3.0.8; and FortiOS 4.1.x prior to 4.1.11, 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.17 and 5.0.x prior to 5.0.8 have a hardcoded passphrase for the Fortima...
Fortinet Fortios 5.0.2
Fortinet Fortios 5.0.6
Fortinet Fortios 5.0.7
Fortinet Fortios 5.0
Fortinet Fortios 5.0.1
Fortinet Fortios
Fortinet Fortios 5.0.3
Fortinet Fortios 5.0.4
Fortinet Fortios 5.0.5
Fortinet Fortios 5.0.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »