Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
putty putty vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-33500
PuTTY prior to 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affec...
Putty Putty
1 Github repository
5.5
CVSSv3
CVE-2020-8585
OnCommand Unified Manager Core Package versions before 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).
Netapp Oncommand Unified Manager
5.9
CVSSv3
CVE-2020-14002
PuTTY 0.68 up to and including 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle malicious users to target initial connection attempts (where no host key for the server has been cached by the client).
Putty Putty
Netapp Oncommand Unified Manager Core Package -
Fedoraproject Fedora 31
Fedoraproject Fedora 32
9.8
CVSSv3
CVE-2019-17067
PuTTY prior to 0.73 on Windows improperly opens port-forwarding listening sockets, which allows malicious users to listen on the same port to steal an incoming connection.
Putty Putty
7.5
CVSSv3
CVE-2019-17068
PuTTY prior to 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content.
Putty Putty
Opensuse Leap 15.1
Opensuse Leap 15.0
7.5
CVSSv3
CVE-2019-17069
PuTTY prior to 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.
Putty Putty
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Oncommand Unified Manager Core Package -
9.8
CVSSv3
CVE-2019-9895
In PuTTY versions prior to 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
7.5
CVSSv3
CVE-2019-9897
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions prior to 0.71.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Unified Manager -
Opensuse Leap 15.0
1 Github repository
9.8
CVSSv3
CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY prior to 0.71.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Netapp Oncommand Unified Manager -
7.5
CVSSv3
CVE-2019-9894
A remotely triggerable memory overwrite in RSA key exchange in PuTTY prior to 0.71 can occur before host key verification.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Unified Manager -
Opensuse Leap 15.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »