Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2010-0150
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 prior to 7.0(8.10), 7.2 prior to 7.2(4.45), 8.0 prior to 8.0(5.2), 8.1 prior to 8.1(2.37), and 8.2 prior to 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote malicious users to ...
Cisco Asa 5500 8.0
Cisco Pix 500
Cisco Asa 5500 8.2
Cisco Asa 5500 7.2
Cisco Asa 5500 7.1
Cisco Asa 5500 8.1
7.8
CVSSv2
CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions prior to 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote malicious users to conduct brute force guessing attacks against cryptographic keys.
Openssl Openssl
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
3 EDB exploits
25 Github repositories
7.8
CVSSv2
CVE-2006-2937
OpenSSL 0.9.7 prior to 0.9.7l and 0.9.8 prior to 0.9.8d allows remote malicious users to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
7.8
CVSSv2
CVE-2006-2940
OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows malicious users to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certif...
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.7e
7.8
CVSSv2
CVE-2006-4924
sshd in OpenSSH prior to 4.4, when using the version 1 SSH protocol, allows remote malicious users to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 1.2.1
Openbsd Openssh 2.2
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 1.2.3
Openbsd Openssh 3.7
Openbsd Openssh 4.0p1
1 EDB exploit
7.6
CVSSv2
CVE-2012-4694
Moxa EDR-G903 series routers with firmware prior to 2.11 do not use a sufficient source of entropy for (1) SSH and (2) SSL keys, which makes it easier for man-in-the-middle malicious users to spoof a device or modify a client-server data stream by leveraging knowledge of a key fr...
Moxa Edr G903 Firmware
Moxa Edr G903 Firmware 1.0
Moxa Edr G903 Firmware 2.0
Moxa Edr G903 Firmware 2.1
Moxa Edr-g903 -
7.5
CVSSv2
CVE-2021-38297
Go prior to 1.16.9 and 1.17.x prior to 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
Golang Go
Fedoraproject Fedora 34
Fedoraproject Fedora 35
2 Github repositories
7.5
CVSSv2
CVE-2021-33195
Go prior to 1.15.13 and 1.16.x prior to 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.
Golang Go
Netapp Cloud Insights Telegraf Agent -
7.5
CVSSv2
CVE-2021-3197
An issue exists in SaltStack Salt prior to 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
Saltstack Salt
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2020-25592
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
Saltstack Salt 3001
Saltstack Salt
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »