Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2014-2532
sshd in OpenSSH prior to 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote malicious users to bypass intended environment restrictions by using a substring located before a wildcard character.
Oracle Communications User Data Repository 10.0.1
Openbsd Openssh
Openbsd Openssh 6.0
Openbsd Openssh 6.3
Openbsd Openssh 6.1
Openbsd Openssh 6.4
Openbsd Openssh 6.2
5.5
CVSSv2
CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Clustered Data Ontap -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire & Hci Storage Node -
Brocade Fabric Operating System -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5.5
CVSSv2
CVE-2018-0381
A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent malicious user to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition th...
Cisco Aironet Access Points 8.2(166.0)
Cisco Aironet Access Points 8.2(167.3)
Cisco Aironet Access Points 8.3(133.0)
Cisco Aironet Access Points 8.3(141.10)
Cisco Aironet Access Points 8.5(120.0)
Cisco Aironet Access Points 8.7(1.107)
Cisco Aironet Access Points 8.7(1.96)
Cisco Aironet Access Points 8.7(1.99)
5
CVSSv2
CVE-2022-29526
Go prior to 1.17.10 and 1.18.x prior to 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Golang Go
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Beegfs Csi Driver -
5
CVSSv2
CVE-2022-27781
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to ret...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire & Hci Management Node -
Netapp Hci Compute Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5
CVSSv2
CVE-2022-27782
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, s...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5
CVSSv2
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go prior to 1.17.9 and 1.18.x prior to 1.18.1 allows a panic via long scalar input.
Golang Go
Fedoraproject Fedora 34
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Extra Packages For Enterprise Linux 7.0
5
CVSSv2
CVE-2022-24675
encoding/pem in Go prior to 1.17.9 and 1.18.x prior to 1.18.1 has a Decode stack overflow via a large amount of PEM data.
Golang Go
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Kubernetes Monitoring Operator -
1 Github repository
5
CVSSv2
CVE-2022-24921
regexp.Compile in Go prior to 1.16.15 and 1.17.x prior to 1.17.8 allows stack exhaustion via a deeply nested expression.
Golang Go
Netapp Astra Trident -
Debian Debian Linux 9.0
1 Github repository
5
CVSSv2
CVE-2022-21716
Twisted is an event-based framework for internet applications, supporting Python 3.6+. before 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the availabl...
Twistedmatrix Twisted
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »