Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libssh libssh 0.4.8 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0017
The RAND_bytes function in libssh prior to 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information...
Libssh Libssh 0.6.1
Libssh Libssh 0.5.1
Libssh Libssh 0.5.0
Libssh Libssh 0.6.0
Libssh Libssh
Libssh Libssh 0.5.3
Libssh Libssh 0.4.7
Libssh Libssh 0.5.2
Libssh Libssh 0.5.5
Libssh Libssh 0.5.4
Libssh Libssh 0.4.8
NA
CVE-2013-0176
The publickey_from_privatekey function in libssh prior to 0.5.4, when no algorithm is matched during negotiations, allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
Libssh Libssh 0.5.1
Libssh Libssh 0.5.0
Libssh Libssh 0.4.7
Libssh Libssh 0.5.2
Libssh Libssh 0.4.8
Libssh Libssh
NA
CVE-2012-4559
Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh ...
Libssh Libssh 0.5.1
Libssh Libssh 0.5.0
Libssh Libssh 0.4.7
Libssh Libssh 0.4.8
Libssh Libssh
NA
CVE-2012-4560
Multiple buffer overflows in libssh prior to 0.5.3 allow remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.
Libssh Libssh 0.5.1
Libssh Libssh 0.5.0
Libssh Libssh 0.4.7
Libssh Libssh 0.4.8
Libssh Libssh
NA
CVE-2012-4562
Multiple integer overflows in libssh prior to 0.5.3 allow remote malicious users to cause a denial of service (infinite loop or crash) and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly some other unspecified ...
Libssh Libssh 0.5.1
Libssh Libssh 0.5.0
Libssh Libssh 0.4.7
Libssh Libssh 0.4.8
Libssh Libssh
NA
CVE-2012-6063
Double free vulnerability in the sftp_mkdir function in sftp.c in libssh prior to 0.5.3 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559.
Libssh Libssh 0.5.1
Libssh Libssh 0.5.0
Libssh Libssh 0.4.7
Libssh Libssh 0.4.8
Libssh Libssh
NA
CVE-2012-4561
The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh prior to 0.5.3 free "an invalid pointer on an error path," which might allow remote malicious users to cause a denia...
Libssh Libssh 0.5.1
Libssh Libssh 0.5.0
Libssh Libssh 0.4.7
Libssh Libssh 0.4.8
Libssh Libssh
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started