Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5794
Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH prior to 4.5 causes weaker verification that authentication has been successful, which might allow malicious users to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only ...
Openbsd Openssh
9.8
CVSSv3
CVE-2002-0639
Integer overflow in sshd in OpenSSH 2.9.9 up to and including 3.3 allows remote malicious users to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
Openbsd Openssh
NA
CVE-2014-1692
The hash_buffer function in schnorr.c in OpenSSH up to and including 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote malicious users to cause a denial of service (memory corruption) or have un...
Openbsd Openssh
NA
CVE-2008-3844
Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious pac...
Openbsd Openssh
NA
CVE-2001-0529
OpenSSH version 2.9 and previous versions, with X forwarding enabled, allows a local malicious user to delete any file named 'cookies' via a symlink attack.
Openbsd Openssh
7.3
CVSSv3
CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH prior to 7.4 allows remote malicious users to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
Openbsd Openssh
1 EDB exploit
2 Github repositories
7
CVSSv3
CVE-2016-10010
sshd in OpenSSH prior to 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
Openbsd Openssh
1 EDB exploit
7.8
CVSSv3
CVE-2016-10012
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH prior to 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation ...
Openbsd Openssh
5.5
CVSSv3
CVE-2016-10011
authfile.c in sshd in OpenSSH prior to 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
Openbsd Openssh
NA
CVE-2004-1653
The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.
Openbsd Openssh
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »