Vulmon
ssh client vulnerabilities and exploits
CVSSv2: 5
CVE-2020-29652
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote malicious users to cause a denial of service against SSH servers.
Golang Ssh
2 Github repositories
NA
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
9 Github repositories
1 Article
CVSSv2: 5
CVE-2020-9283
golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client.
Golang Package Ssh 0.0.0-20200220183623-bac4c82f6975
Debian Debian Linux 9.0
1 EDB exploit
3 Github repositories
NA
CVE-2022-36881
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
Jenkins Git Client
CVSSv2: 6.8
CVE-2012-5445
The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software prior to 9.3.1-ES10 does not properly validate unspecified system calls, which allows malicious users to execute arbitrary code or cause a denial of service (memory ...
Cisco Skinny Client Control Protocol Software
Cisco Skinny Client Control Protocol Software 1.0(1)
Cisco Skinny Client Control Protocol Software 1.0(2)
Cisco Skinny Client Control Protocol Software 1.0(3)
Cisco Skinny Client Control Protocol Software 1.0(4)
Cisco Skinny Client Control Protocol Software 1.0(5)
Cisco Skinny Client Control Protocol Software 1.0(9)
Cisco Skinny Client Control Protocol Software 1.1(1)
Cisco Skinny Client Control Protocol Software 1.2(1)
Cisco Skinny Client Control Protocol Software 1.3(1)
Cisco Skinny Client Control Protocol Software 1.3(2)
Cisco Skinny Client Control Protocol Software 1.3(3)
Cisco Skinny Client Control Protocol Software 1.3(4)
Cisco Skinny Client Control Protocol Software 1.4(1)
Cisco Skinny Client Control Protocol Software 1.4(2)
Cisco Skinny Client Control Protocol Software 2.0(0)
Cisco Skinny Client Control Protocol Software 2.0(1)
Cisco Skinny Client Control Protocol Software 3.0
Cisco Skinny Client Control Protocol Software 3.0(0)
Cisco Skinny Client Control Protocol Software 3.0(1)
Cisco Skinny Client Control Protocol Software 3.0(2)
Cisco Skinny Client Control Protocol Software 3.1
CVSSv2: 7.2
CVE-2006-0181
Cisco Security Monitoring, Analysis and Response System (CS-MARS) prior to 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command.
Cisco Cs-mars 4.1.2
Cisco Cs-mars 4.1
CVSSv2: 4.3
CVE-2022-29620
FileZilla v3.59.0 allows malicious users to obtain cleartext passwords of connected SSH or FTP servers via a memory dump. NOTE: the vendor does not consider this a vulnerability.
Filezilla-project Filezilla Client 3.59.0
NA
CVE-2024-31497
In PuTTY 0.68 through 0.80 (before 0.81), biased ECDSA nonce generation allows a malicious user to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to ...
Putty Putty
Filezilla-project Filezilla Client
Winscp Winscp
Tortoisegit Tortoisegit
Tigris Tortoisesvn
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
4 Github repositories
2 Articles
CVSSv2: 10
CVE-2002-1359
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote malicious users to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
Cisco Ios 12.0s
Cisco Ios 12.0st
Cisco Ios 12.1e
Cisco Ios 12.1ea
Cisco Ios 12.1t
Cisco Ios 12.2
Cisco Ios 12.2s
Cisco Ios 12.2t
Fissh Ssh Client 1.0a For Windows
Intersoft Securenetterm 5.4.1
Netcomposite Shellguard Ssh 3.4.6
Pragma Systems Secureshell 2.0
Putty Putty 0.48
Putty Putty 0.49
Putty Putty 0.53
Winscp Winscp 2.0.0
2 EDB exploits
CVSSv2: 10
CVE-2002-1360
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote malicious users to cause a denial of service or possibly execute arbitrary code due to interactions with t...
Cisco Ios 12.0s
Cisco Ios 12.0st
Cisco Ios 12.1e
Cisco Ios 12.1ea
Cisco Ios 12.1t
Cisco Ios 12.2
Cisco Ios 12.2s
Cisco Ios 12.2t
Fissh Ssh Client 1.0a For Windows
Intersoft Securenetterm 5.4.1
Netcomposite Shellguard Ssh 3.4.6
Pragma Systems Secureshell 2.0
Putty Putty 0.48
Putty Putty 0.49
Putty Putty 0.53
Winscp Winscp 2.0.0