Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0096
Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and previous versions allow remote malicious users to execute arbitrary code via a (1) a long username, which triggers an overflow in the log function; or (2) a long password.
Georgia Softworks Ssh2 Server
1 EDB exploit
NA
CVE-2008-0097
Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and previous versions allows remote malicious users to execute arbitrary code via format string specifiers in the username field, as demonstrated by a certain LoginPassword messa...
Georgia Softworks Ssh2 Server
NA
CVE-1999-0398
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
Ssh Ssh2 2.0.11
Ssh Ssh 1.2.27
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
NA
CVE-2001-0553
SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field.
Ssh Secure Shell 3.0.0
1 EDB exploit
NA
CVE-2007-5600
Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file ...
Artmedic Webdesign Artmedic Cms
1 EDB exploit
NA
CVE-2003-0046
AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
Celestial Software Absolutetelnet 2.11
NA
CVE-2011-1624
Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote malicious users to cause a denial of service (device reload) by establishing two SSH2 sessions, aka Bug ID CSCto62631.
Cisco Ios 12.2\\(58\\)se
NA
CVE-2003-0047
SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and previous versions, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH creden...
Van Dyke Technologies Securecrt 3.4.7
Van Dyke Technologies Securecrt 4.0.2
Van Dyke Technologies Securefx 2.0.4
Van Dyke Technologies Securefx 2.1.2
Van Dyke Technologies Entunnel
NA
CVE-2010-2695
Directory traversal vulnerability in the SFTP/SSH2 virtual server in Xlight FTP Server 3.5.0, 3.5.5, and possibly other versions prior to 3.6 allows remote authenticated users to read, overwrite, or delete arbitrary files via .. (dot dot) sequences in the (1) ls, (2) rm, (3) rena...
Xlightftpd Xlight Ftp Server 3.5
Xlightftpd Xlight Ftp Server 3.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »