Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-1999-0310
SSH 1.2.25 on HP-UX allows access to new user accounts.
Ssh Ssh 1.2.25
7.2
CVSSv2
CVE-2000-0575
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote malicious users to sniff the ticket cache if the home directory is installed on NFS.
Ssh Ssh 1.2.27
2.1
CVSSv2
CVE-1999-0787
The SSH authentication agent follows symlinks via a UNIX domain socket.
Ssh Ssh 1.2.27
1 EDB exploit
7.2
CVSSv2
CVE-2007-5616
ssh-signer in SSH Tectia Client and Server 5.x prior to 5.2.4, and 5.3.x prior to 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors.
Ssh Tectia Client
Ssh Tectia Server
9.3
CVSSv2
CVE-2007-1654
Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Library (ne7ssh) prior to 1.2.1 allows user-assisted remote SFTP servers to cause a denial of service (crash) or possibly execute arbitrary code via multiple file transfers, related to m...
Netsieben Netsieben Ssh Library 1.1
Netsieben Netsieben Ssh Library 1.2.0
Netsieben Netsieben Ssh Library 1.03
Netsieben Netsieben Ssh Library 1.1.6
Netsieben Netsieben Ssh Library 1.1.5
7.5
CVSSv2
CVE-2005-4310
SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials.
Ssh Tectia Server 5.0.0 A
Ssh Tectia Server 5.0.0 F
Ssh Tectia Server 5.0.0 T
7.5
CVSSv2
CVE-2018-14440
An issue exists in cckevincyh SSH CompanyWebsite through 2018-05-03. SQL injection exists via the admin/noticeManageAction_queryNotice.action noticeInfo parameter.
Ssh Companywebsite Project Ssh Companywebsite
7.5
CVSSv2
CVE-2018-14441
An issue exists in cckevincyh SSH CompanyWebsite through 2018-05-03. admin/admin/fileUploadAction_fileUpload.action allows arbitrary file upload, as demonstrated by a .jsp file with the image/jpeg content type.
Ssh Companywebsite Project Ssh Companywebsite
6.5
CVSSv2
CVE-2016-7408
The dbclient in Dropbear SSH prior to 2016.74 allows remote malicious users to execute arbitrary code via a crafted (1) -m or (2) -c argument.
Dropbear Ssh Project Dropbear Ssh
5
CVSSv2
CVE-2019-12953
Dropbear 2011.54 up to and including 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599.
Dropbear Ssh Project Dropbear Ssh
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »