Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
putty vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-17069
PuTTY prior to 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.
Putty Putty
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Oncommand Unified Manager Core Package -
5
CVSSv2
CVE-2019-9897
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions prior to 0.71.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Unified Manager -
Opensuse Leap 15.0
1 Github repository
5
CVSSv2
CVE-2000-0476
xterm, Eterm, and rxvt allow an malicious user to cause a denial of service by embedding certain escape characters which force the window to be resized.
Putty Putty 0.48
Xfree86 Project X11r6 3.3.3
Xfree86 Project X11r6 4.0
Michael Jennings Eterm 0.8.10
Rxvt Rxvt 2.6.1
1 EDB exploit
4.6
CVSSv2
CVE-2019-9896
In PuTTY versions prior to 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.
Putty Putty
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
4.6
CVSSv2
CVE-2003-0048
PuTTY 0.53b and previous versions does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
Putty Putty 0.53b
Putty Putty 0.49
Putty Putty 0.53
Putty Putty 0.48
4.4
CVSSv2
CVE-2016-6167
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.
Putty Putty 0.67
4.3
CVSSv2
CVE-2020-14002
PuTTY 0.68 up to and including 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle malicious users to target initial connection attempts (where no host key for the server has been cached by the client).
Putty Putty
Netapp Oncommand Unified Manager Core Package -
Fedoraproject Fedora 31
Fedoraproject Fedora 32
4.3
CVSSv2
CVE-2015-5309
Integer overflow in the terminal emulator in PuTTY prior to 0.66 allows remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer u...
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Simon Tatham Putty
4.3
CVSSv2
CVE-2013-4207
Buffer overflow in sshbn.c in PuTTY prior to 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum fun...
Putty Putty 0.57
Putty Putty 0.56
Putty Putty 0.55
Putty Putty 0.54
Putty Putty 0.53b
Simon Tatham Putty
Putty Putty 0.49
Putty Putty 0.48
Putty Putty 0.47
Putty Putty 0.46
Putty Putty 0.60
Putty Putty 0.58
Putty Putty 0.52
Putty Putty 0.50
Putty Putty 0.45
Putty Putty 0.61
Putty Putty 0.59
Simon Tatham Putty 0.53
Putty Putty 0.51
Putty Putty 2010-06-01
2.1
CVSSv2
CVE-2020-8585
OnCommand Unified Manager Core Package versions before 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).
Netapp Oncommand Unified Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »