Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2007-4321
fail2ban 0.8 and previous versions does not properly parse sshd log files, which allows remote malicious users to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via...
Fail2ban Fail2ban 0.8
1 EDB exploit
676
VMScore
CVE-2012-4694
Moxa EDR-G903 series routers with firmware prior to 2.11 do not use a sufficient source of entropy for (1) SSH and (2) SSL keys, which makes it easier for man-in-the-middle malicious users to spoof a device or modify a client-server data stream by leveraging knowledge of a key fr...
Moxa Edr G903 Firmware
Moxa Edr G903 Firmware 1.0
Moxa Edr G903 Firmware 2.0
Moxa Edr G903 Firmware 2.1
Moxa Edr-g903 -
668
VMScore
CVE-2021-38297
Go prior to 1.16.9 and 1.17.x prior to 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
Golang Go
Fedoraproject Fedora 34
Fedoraproject Fedora 35
2 Github repositories
668
VMScore
CVE-2021-33195
Go prior to 1.15.13 and 1.16.x prior to 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.
Golang Go
Netapp Cloud Insights Telegraf Agent -
668
VMScore
CVE-2021-3197
An issue exists in SaltStack Salt prior to 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
Saltstack Salt
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
668
VMScore
CVE-2020-25592
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
Saltstack Salt 3001
Saltstack Salt
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
1 Article
668
VMScore
CVE-2020-16846
An issue exists in SaltStack Salt up to and including 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
Saltstack Salt 3001
Saltstack Salt
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2 Github repositories
1 Article
668
VMScore
CVE-2019-9895
In PuTTY versions prior to 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
668
VMScore
CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY prior to 0.71.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Netapp Oncommand Unified Manager -
668
VMScore
CVE-2018-7749
The SSH server implementation of AsyncSSH prior to 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step.
Asyncssh Project Asyncssh
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »