Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache mina vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-0231
Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migra...
Apache Mina 2.1.1
Apache Mina 2.0.20
9.8
CVSSv3
CVE-2022-45047
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for l...
Apache Sshd
1 Github repository
4.3
CVSSv3
CVE-2023-35887
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information a...
Apache Sshd
6.5
CVSSv3
CVE-2021-41973
In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or grea...
Apache Mina
Oracle Customer Management And Segmentation Foundation 18.0
Oracle Banking Trade Finance Process Management 14.5
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Banking Payments 14.5
Oracle Banking Treasury Management 14.5
Oracle Customer Management And Segmentation Foundation 19.0
Oracle Fusion Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Fusion Middleware Common Libraries And Tools 14.1.1.0.0
Oracle Oss Support Tools 2.12.42
Oracle Fusion Middleware Common Libraries And Tools 12.2.1.3.0
Oracle Flexcube Universal Banking 14.5
Oracle Flexcube Universal Banking
6.5
CVSSv3
CVE-2021-30129
A vulnerability in sshd-core of Apache Mina SSHD allows an malicious user to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0
Apache Sshd
Oracle Retail Customer Management And Segmentation Foundation 18.0
Oracle Flexcube Universal Banking
Oracle Retail Customer Management And Segmentation Foundation 19.0
Oracle Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Banking Payments 14.5
Oracle Banking Trade Finance 14.5
Oracle Banking Treasury Management 14.5
Oracle Oss Support Tools 2.12.42
Oracle Flexcube Universal Banking 14.5
Oracle Middleware Common Libraries And Tools 14.1.1.0.0
Oracle Middleware Common Libraries And Tools 12.2.1.3.0
5.9
CVSSv3
CVE-2019-6111
An issue exists in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are...
Openbsd Openssh
Winscp Winscp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Fedoraproject Fedora 30
Apache Mina Sshd 2.2.0
2 EDB exploits
3 Github repositories
1 Article
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
9 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started