Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
package ssh vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2003-0695
Multiple "buffer management errors" in OpenSSH prior to 3.7.1 may allow malicious users to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerabi...
Openbsd Openssh
890
VMScore
CVE-2003-0693
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH prior to 3.7 may allow remote malicious users to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.
Openbsd Openssh
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
83 Github repositories
6 Articles
890
VMScore
CVE-2002-0639
Integer overflow in sshd in OpenSSH 2.9.9 up to and including 3.3 allows remote malicious users to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
Openbsd Openssh
1000
VMScore
CVE-2002-0640
Buffer overflow in sshd in OpenSSH 2.3.1 up to and including 3.3 may allow remote malicious users to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuth...
Openbsd Openssh 2.3
Openbsd Openssh 2.5
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.2
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
Openbsd Openssh 3.2
Openbsd Openssh 1.2.2
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.2
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.3
Openbsd Openssh 3.3p1
Openbsd Openssh 1.2.3
Openbsd Openssh 2.1
2 EDB exploits
802
VMScore
CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions prior to 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote malicious users to conduct brute force guessing attacks against cryptographic keys.
Openssl Openssl
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
3 EDB exploits
25 Github repositories
NA
CVE-2023-38325
The cryptography package prior to 41.0.2 for Python mishandles SSH certificates that have critical options.
Cryptography Project Cryptography
694
VMScore
CVE-2017-6648
A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote malicious user to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (...
Cisco Telepresence Tc Software 5.1.4
Cisco Telepresence Tc Software 6.0.2
Cisco Telepresence Tc Software 6.3.2
Cisco Telepresence Tc Software 4.1 Base
Cisco Telepresence Tc Software 6.1.1-cucm
Cisco Telepresence Tc Software 7.3.2
Cisco Telepresence Tc Software 5.1 Base
Cisco Telepresence Tc Software 5.1.3-cucm
Cisco Telepresence Tc Software 5.1.6-cucm
Cisco Telepresence Tc Software 5.1.7
Cisco Telepresence Tc Software 7.1.4
Cisco Telepresence Tc Software 6.1.2-cucm
Cisco Telepresence Tc Software 7.3.6
Cisco Telepresence Tc Software 7.1.0
Cisco Telepresence Tc Software 4.1.2
Cisco Telepresence Tc Software 6.3.0
Cisco Telepresence Tc Software 6.0.1-cucm
Cisco Telepresence Tc Software 4.2.0
Cisco Telepresence Tc Software 6.1.0
Cisco Telepresence Tc Software 4.2.1
Cisco Telepresence Tc Software 6.3.1
Cisco Telepresence Tc Software 6.0.3
641
VMScore
CVE-2018-0294
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local malicious user to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not...
Cisco Nx-os 7.3\\(2\\)n1\\(0.354\\)
Cisco Nx-os 5.2\\(1\\)sv3\\(1.10\\)
Cisco Nx-os 8.8\\(3.5\\)s0
Cisco Nx-os 7.0\\(3\\)i2\\(4a\\)
Cisco Firepower Extensible Operating System
Cisco Fxos
Cisco Nx-os 4.1\\(2\\)e1\\(1a\\)
446
VMScore
CVE-2019-20916
The pip package prior to 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in...
Pypa Pip
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
3 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »