Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28113
russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and...
Russh Project Russh
Russh Project Russh 0.37.0
605
VMScore
CVE-2007-4323
DenyHosts 2.6 does not properly parse sshd log files, which allows remote malicious users to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client pr...
Denyhosts Denyhosts 2.6
516
VMScore
CVE-2019-17498
In libssh2 v1.9.0 and previous versions versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an malicious user to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclo...
Libssh2 Libssh2
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Element Software -
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Bootstrap Os -
1 Github repository
516
VMScore
CVE-2014-2653
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and previous versions allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
Openbsd Openssh 6.4
Openbsd Openssh 6.3
Openbsd Openssh 6.5
Openbsd Openssh 6.2
Openbsd Openssh 6.1
Openbsd Openssh 6.0
Openbsd Openssh
187
VMScore
CVE-2013-4208
The rsa_verify function in PuTTY prior to 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.
Putty Putty 0.54
Putty Putty 0.53b
Simon Tatham Putty 0.53
Putty Putty 0.52
Putty Putty 0.61
Simon Tatham Putty
Putty Putty 0.60
Putty Putty 0.59
Putty Putty 0.47
Putty Putty 0.46
Putty Putty 0.45
Putty Putty 0.57
Putty Putty 0.55
Putty Putty 0.51
Putty Putty 0.49
Putty Putty 0.58
Putty Putty 0.56
Putty Putty 0.50
Putty Putty 0.48
187
VMScore
CVE-2011-4607
PuTTY 0.59 up to and including 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.
Putty Putty 0.61
Putty Putty 0.60
Putty Putty 0.59
668
VMScore
CVE-2019-9895
In PuTTY versions prior to 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
785
VMScore
CVE-2006-4924
sshd in OpenSSH prior to 4.4, when using the version 1 SSH protocol, allows remote malicious users to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Openbsd Openssh 1.2.1
Openbsd Openssh 1.2.2
Openbsd Openssh 1.2.27
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.6
Openbsd Openssh 3.6.1
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1
Openbsd Openssh 4.2
Openbsd Openssh 4.2p1
Openbsd Openssh 1.2
Openbsd Openssh 2.3
Openbsd Openssh 2.5
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
1 EDB exploit
572
VMScore
CVE-2019-3862
An out of bounds read flaw exists in libssh2 prior to 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Libssh2 Libssh2
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Opensuse Leap 42.3
668
VMScore
CVE-2021-3197
An issue exists in SaltStack Salt prior to 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
Saltstack Salt
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »