Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2014-2532
sshd in OpenSSH prior to 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote malicious users to bypass intended environment restrictions by using a substring located before a wildcard character.
Oracle Communications User Data Repository 10.0.1
Openbsd Openssh
Openbsd Openssh 6.0
Openbsd Openssh 6.3
Openbsd Openssh 6.1
Openbsd Openssh 6.4
Openbsd Openssh 6.2
506
VMScore
CVE-2020-9283
golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client.
Golang Package Ssh 0.0.0-20200220183623-bac4c82f6975
Debian Debian Linux 9.0
1 EDB exploit
3 Github repositories
505
VMScore
CVE-2003-0543
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote malicious users to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7
1 EDB exploit
505
VMScore
CVE-2002-0659
The ASN1 library in OpenSSL 0.9.6d and previous versions, and 0.9.7-beta2 and previous versions, allows remote malicious users to cause a denial of service via invalid encodings.
Oracle Http Server 9.0.1
Oracle Corporate Time Outlook Connector 3.1
Oracle Corporate Time Outlook Connector 3.1.2
Openssl Openssl 0.9.3
Openssl Openssl 0.9.7
Oracle Application Server
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.4
Oracle Http Server 9.2.0
Openssl Openssl 0.9.5a
Oracle Corporate Time Outlook Connector 3.3
Openssl Openssl 0.9.6b
Oracle Application Server 1.0.2.1s
Openssl Openssl 0.9.6c
Oracle Application Server 1.0.2.2
Oracle Corporate Time Outlook Connector 3.1.1
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.5
Oracle Application Server 1.0.2
1 EDB exploit
505
VMScore
CVE-2001-0080
Cisco Catalyst 6000, 5000, or 4000 switches allow remote malicious users to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.
Cisco Catalyst 5000
Cisco Catalyst 6000
Cisco Catalyst 4000
1 EDB exploit
505
VMScore
CVE-2000-0992
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
Ssh Ssh 1.2.21
Ssh Ssh 1.2.15
Ssh Ssh 1.2.14
Ssh Ssh 1.2.19
Ssh Ssh 1.2.31
Ssh Ssh 1.2.24
Ssh Ssh 1.2.18
Openbsd Openssh 1.2.3
Ssh Ssh 1.2.20
Openbsd Openssh 1.2
Ssh Ssh 1.2.25
Ssh Ssh 1.2.17
Ssh Ssh 1.2.30
Ssh Ssh 1.2.26
Ssh Ssh 1.2.27
Ssh Ssh 1.2.16
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.22
Ssh Ssh 1.2.23
1 EDB exploit
490
VMScore
CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Clustered Data Ontap -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire & Hci Storage Node -
Brocade Fabric Operating System -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
490
VMScore
CVE-2018-0381
A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent malicious user to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition th...
Cisco Aironet Access Points 8.2(166.0)
Cisco Aironet Access Points 8.2(167.3)
Cisco Aironet Access Points 8.3(133.0)
Cisco Aironet Access Points 8.3(141.10)
Cisco Aironet Access Points 8.5(120.0)
Cisco Aironet Access Points 8.7(1.107)
Cisco Aironet Access Points 8.7(1.96)
Cisco Aironet Access Points 8.7(1.99)
446
VMScore
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go prior to 1.17.9 and 1.18.x prior to 1.18.1 allows a panic via long scalar input.
Golang Go
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Extra Packages For Enterprise Linux 7.0
446
VMScore
CVE-2022-21716
Twisted is an event-based framework for internet applications, supporting Python 3.6+. before 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the availabl...
Twistedmatrix Twisted
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Fedoraproject Fedora 35
Fedoraproject Fedora 36
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »