Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-31580
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 (and later)...
Akkadianlabs Ova Appliance
Akkadianlabs Provisioning Manager
10
CVSSv2
CVE-2017-14459
An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject commands via the username param...
Moxa Awk-3131a Firmware 1.7
Moxa Awk-3131a Firmware 1.5
Moxa Awk-3131a Firmware 1.4
Moxa Awk-3131a Firmware 1.6
10
CVSSv2
CVE-2006-3738
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions has unspecified impact and remote attack vectors involving a long list of ciphers.
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.8
10
CVSSv2
CVE-2002-1645
Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote malicious users to execute arbitrary code via a long URL.
Ssh Ssh2 3.2
Ssh Ssh2 3.1
Ssh Ssh2 3.1.3
Ssh Ssh2 3.1.4
Ssh Ssh2 3.1.1
Ssh Ssh2 3.1.2
10
CVSSv2
CVE-2001-0144
CORE SDI SSH1 CRC-32 compensation attack detector allows remote malicious users to execute arbitrary commands on an SSH server or client via an integer overflow.
Openbsd Openssh 1.2.2
Openbsd Openssh 1.2.3
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Openbsd Openssh 2.2
Ssh Ssh 1.2.24
Ssh Ssh 1.2.31
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
Ssh Ssh 1.2.29
Ssh Ssh 1.2.30
Ssh Ssh 1.2.25
Ssh Ssh 1.2.26
2 EDB exploits
9.3
CVSSv2
CVE-2019-3855
An integer overflow flaw which could lead to an out of bounds write exists in libssh2 prior to 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
Libssh2 Libssh2
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Ontap Select Deploy Administration Utility -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Opensuse Leap 42.3
Apple Xcode
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
9.3
CVSSv2
CVE-2012-5975
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 up to and including 6.0.20, 6.1.0 up to and including 6.1.12, 6.2.0 up to and including 6.2.5, and 6.3.0 up to and including 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remot...
Ssh Tectia Server 6.0.13
Ssh Tectia Server 6.0.12
Ssh Tectia Server 6.0.11
Ssh Tectia Server 6.0.7
Ssh Tectia Server 6.1.3
Ssh Tectia Server 6.1.2
Ssh Tectia Server 6.1.0
Ssh Tectia Server 6.1.6
Ssh Tectia Server 6.1.1
Ssh Tectia Server 6.0.18
Ssh Tectia Server 6.0.14
Ssh Tectia Server 6.0.6
Ssh Tectia Server 6.0.9
Ssh Tectia Server 6.1.7
Ssh Tectia Server 6.1.4
Ssh Tectia Server 6.2.4
Ssh Tectia Server 6.2.2
Ssh Tectia Server 6.3.0
Ssh Tectia Server 6.0.4
Ssh Tectia Server 6.0.5
Ssh Tectia Server 6.0.20.
Ssh Tectia Server 6.1.12
2 EDB exploits
9.3
CVSSv2
CVE-2006-5051
Signal handler race condition in OpenSSH prior to 4.4 allows remote malicious users to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
Openbsd Openssh
Debian Debian Linux 3.1
Apple Mac Os X
Apple Mac Os X Server
8.5
CVSSv2
CVE-2018-19518
University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, wh...
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Uw-imap Project Uw-imap 2007f
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
4 Github repositories
7.8
CVSSv2
CVE-2022-23772
Rat.SetString in math/big in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
5 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »