Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libssh libssh 0.5.1 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2012-6063
Double free vulnerability in the sftp_mkdir function in sftp.c in libssh prior to 0.5.3 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559.
Libssh Libssh 0.5.0
Libssh Libssh 0.4.8
Libssh Libssh 0.5.1
Libssh Libssh
Libssh Libssh 0.4.7
605
VMScore
CVE-2012-4559
Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh ...
Libssh Libssh
Libssh Libssh 0.4.7
Libssh Libssh 0.5.0
Libssh Libssh 0.4.8
Libssh Libssh 0.5.1
445
VMScore
CVE-2012-4561
The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh prior to 0.5.3 free "an invalid pointer on an error path," which might allow remote malicious users to cause a denia...
Libssh Libssh 0.4.8
Libssh Libssh 0.4.7
Libssh Libssh 0.5.0
Libssh Libssh
Libssh Libssh 0.5.1
668
VMScore
CVE-2012-4562
Multiple integer overflows in libssh prior to 0.5.3 allow remote malicious users to cause a denial of service (infinite loop or crash) and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly some other unspecified ...
Libssh Libssh 0.5.1
Libssh Libssh 0.5.0
Libssh Libssh
Libssh Libssh 0.4.8
Libssh Libssh 0.4.7
668
VMScore
CVE-2012-4560
Multiple buffer overflows in libssh prior to 0.5.3 allow remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.
Libssh Libssh
Libssh Libssh 0.5.1
Libssh Libssh 0.4.8
Libssh Libssh 0.4.7
Libssh Libssh 0.5.0
383
VMScore
CVE-2013-0176
The publickey_from_privatekey function in libssh prior to 0.5.4, when no algorithm is matched during negotiations, allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
Libssh Libssh 0.4.8
Libssh Libssh 0.4.7
Libssh Libssh 0.5.0
Libssh Libssh
Libssh Libssh 0.5.1
Libssh Libssh 0.5.2
169
VMScore
CVE-2014-0017
The RAND_bytes function in libssh prior to 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information...
Libssh Libssh 0.6.1
Libssh Libssh 0.5.5
Libssh Libssh 0.5.3
Libssh Libssh 0.5.4
Libssh Libssh 0.6.0
Libssh Libssh
Libssh Libssh 0.5.1
Libssh Libssh 0.5.2
Libssh Libssh 0.4.7
Libssh Libssh 0.4.8
Libssh Libssh 0.5.0
NA
CVE-2023-2283
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem...
Libssh Libssh
Fedoraproject Fedora 37
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2023-1667
A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.
Libssh Libssh
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started