Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssh vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2020-14871
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromis...
Oracle Solaris 9
Oracle Solaris
2 Github repositories
9.8
CVSSv3
CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpenSSH prior to 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this ...
Openbsd Openssh
Openbsd Openssh 9.3
Fedoraproject Fedora 37
Fedoraproject Fedora 38
10 Github repositories
9.8
CVSSv3
CVE-2023-28531
ssh-add in OpenSSH prior to 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
Openbsd Openssh
Netapp Solidfire Element Os -
Netapp Hci Bootstrap Os -
Netapp Brocade Fabric Operating System -
3 Github repositories
9.8
CVSSv3
CVE-2021-31580
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 (and later)...
Akkadianlabs Ova Appliance
Akkadianlabs Provisioning Manager
9.8
CVSSv3
CVE-2016-7407
The dropbearconvert command in Dropbear SSH prior to 2016.74 allows malicious users to execute arbitrary code via a crafted OpenSSH key file.
Dropbear Ssh Project Dropbear Ssh
9.8
CVSSv3
CVE-2002-0639
Integer overflow in sshd in OpenSSH 2.9.9 up to and including 3.3 allows remote malicious users to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
Openbsd Openssh
9.8
CVSSv3
CVE-2002-0083
Off-by-one error in the channel code of OpenSSH 2.0 up to and including 3.0.2 allows local users or remote malicious servers to gain privileges.
Conectiva Linux Graficas
Immunix Immunix 7.0
Conectiva Linux 6.0
Conectiva Linux 5.1
Openpkg Openpkg 1.0
Conectiva Linux Ecommerce
Mandrakesoft Mandrake Single Network Firewall 7.2
Conectiva Linux 7.0
Conectiva Linux 5.0
Openbsd Openssh
Mandrakesoft Mandrake Linux 7.2
Trustix Secure Linux 1.1
Suse Suse Linux 7.1
Redhat Linux 7.0
Redhat Linux 7.2
Mandrakesoft Mandrake Linux 8.1
Mandrakesoft Mandrake Linux Corporate Server 1.0.1
Mandrakesoft Mandrake Linux 7.1
Suse Suse Linux 7.3
Suse Suse Linux 7.0
Trustix Secure Linux 1.5
Suse Suse Linux 6.4
1 EDB exploit
8.8
CVSSv3
CVE-2016-1235
The oarsh script in OAR prior to 2.5.7 allows remote authenticated users of a cluster to obtain sensitive information and possibly gain privileges via vectors related to OpenSSH options.
Oar Project Oar
Debian Debian Linux 8.0
8.5
CVSSv3
CVE-2017-5243
The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. As a result, it falls back to allowing ALL algorithms supported by the relevant version of OpenSSH and ...
Rapid7 Nexpose
8.1
CVSSv3
CVE-2019-7639
An issue exists in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file.
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Gsi-openssh Project Gsi-openssh 7.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »