Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-6548
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
Citrix Netscaler Gateway
Citrix Netscaler Application Delivery Controller
1 Github repository
2 Articles
7.5
CVSSv3
CVE-2023-6549
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
Citrix Netscaler Gateway
Citrix Netscaler Application Delivery Controller
2 Articles
6.8
CVSSv3
CVE-2023-46446
An issue in AsyncSSH prior to 2.14.1 allows malicious users to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."
Asyncssh Project Asyncssh
1 Github repository
1 Article
NA
CVE-2001-0080
Cisco Catalyst 6000, 5000, or 4000 switches allow remote malicious users to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.
Cisco Catalyst 5000
Cisco Catalyst 6000
Cisco Catalyst 4000
1 EDB exploit
5.9
CVSSv3
CVE-2019-6111
An issue exists in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are...
Openbsd Openssh
Winscp Winscp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Fedoraproject Fedora 30
Apache Mina Sshd 2.2.0
2 EDB exploits
3 Github repositories
1 Article
5.9
CVSSv3
CVE-2023-46445
An issue in AsyncSSH prior to 2.14.1 allows malicious users to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a "Rogue Extension Negotiation."
Asyncssh Project Asyncssh
1 Github repository
1 Article
5.3
CVSSv3
CVE-2018-20685
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
Openbsd Openssh
Winscp Winscp
Netapp Cloud Backup -
Netapp Element Software -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
1 Github repository
1 Article
NA
CVE-2003-0259
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x up to and including 3.6.7 allows remote malicious users to cause a denial of service (reload) via a malformed SSH initialization packet.
Cisco Vpn 3000 Concentrator Series Software 2.5.2.c
Cisco Vpn 3000 Concentrator Series Software 2.5.2.d
Cisco Vpn 3000 Concentrator Series Software 3.1\\(rel\\)
Cisco Vpn 3000 Concentrator Series Software 3.1.1
Cisco Vpn 3000 Concentrator Series Software 3.5.4
Cisco Vpn 3000 Concentrator Series Software 3.5.5
Cisco Vpn 3000 Concentrator Series Software 3.6.7.a
Cisco Vpn 3000 Concentrator Series Software 3.6.7.b
Cisco Vpn 3060 Concentrator
Cisco Vpn 3080 Concentrator
Cisco Vpn 3000 Concentrator Series Software 3.0.3.a
Cisco Vpn 3000 Concentrator Series Software 3.0.3.b
Cisco Vpn 3000 Concentrator Series Software 3.5\\(rel\\)
Cisco Vpn 3000 Concentrator Series Software 3.5.1
Cisco Vpn 3015 Concentrator
Cisco Vpn 3030 Concentator
Cisco Vpn 3000 Concentrator Series Software 2.5.2.f
Cisco Vpn 3000 Concentrator Series Software 3.0
Cisco Vpn 3000 Concentrator Series Software 3.1.2
Cisco Vpn 3000 Concentrator Series Software 3.1.4
Cisco Vpn 3000 Concentrator Series Software 3.6
Cisco Vpn 3000 Concentrator Series Software 3.6.1
8.8
CVSSv3
CVE-2017-12426
GitLab Community Edition (CE) and Enterprise Edition (EE) prior to 8.17.8, 9.0.x prior to 9.0.13, 9.1.x prior to 9.1.10, 9.2.x prior to 9.2.10, 9.3.x prior to 9.3.10, and 9.4.x prior to 9.4.4 might allow remote malicious users to execute arbitrary code via a crafted SSH URL in a ...
Gitlab Gitlab 9.2.2
Gitlab Gitlab 9.0.9
Gitlab Gitlab 9.0.2
Gitlab Gitlab 9.4.0
Gitlab Gitlab 9.0.8
Gitlab Gitlab 9.0.1
Gitlab Gitlab 9.0.6
Gitlab Gitlab 9.3.4
Gitlab Gitlab 9.1.6
Gitlab Gitlab 9.0.12
Gitlab Gitlab 9.3.6
Gitlab Gitlab 9.2.8
Gitlab Gitlab 9.1.7
Gitlab Gitlab 9.1.1
Gitlab Gitlab 9.2.4
Gitlab Gitlab 9.3.2
Gitlab Gitlab 9.0.5
Gitlab Gitlab 9.1.8
Gitlab Gitlab 9.3.1
Gitlab Gitlab 9.2.1
Gitlab Gitlab 9.0.0
Gitlab Gitlab 9.1.4
6.8
CVSSv3
CVE-2019-6109
An issue exists in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transfer...
Openbsd Openssh
Winscp Winscp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Element Software -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Fedoraproject Fedora 30
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »