Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
package ssh vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2015-2907
Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, have hardcoded SSH credentials, which makes it easier for remote malicious users to obtain access by leveraging knowledge of the required username and password.
Mobile Devices C4 Obd-ii Dongle Firmware
801
VMScore
CVE-2015-2908
Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, do not validate firmware updates, which allows remote malicious users to execute arbitrary code by specifying an update server.
Mobile Devices C4 Obd-ii Dongle Firmware
642
VMScore
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
308 Github repositories
4 Articles
356
VMScore
CVE-2011-0437
shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) prior to 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_account parameter in a deletesshaccount Delete action.
Gplhost Domain Technologie Control
Gplhost Domain Technologie Control 0.29.8
Gplhost Domain Technologie Control 0.28.9
Gplhost Domain Technologie Control 0.32.1
Gplhost Domain Technologie Control 0.25.3
Gplhost Domain Technologie Control 0.30.6
Gplhost Domain Technologie Control 0.26.9
Gplhost Domain Technologie Control 0.29.1
Gplhost Domain Technologie Control 0.27.3
Gplhost Domain Technologie Control 0.28.4
Gplhost Domain Technologie Control 0.32.3
Gplhost Domain Technologie Control 0.28.10
Gplhost Domain Technologie Control 0.25.1
Gplhost Domain Technologie Control 0.30.18
Gplhost Domain Technologie Control 0.26.8
Gplhost Domain Technologie Control 0.28.6
Gplhost Domain Technologie Control 0.28.2
Gplhost Domain Technologie Control 0.32.2
Gplhost Domain Technologie Control 0.29.14
Gplhost Domain Technologie Control 0.29.17
Gplhost Domain Technologie Control 0.26.7
Gplhost Domain Technologie Control 0.29.16
694
VMScore
CVE-2010-0137
Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 up to and including 3.7.0 allows remote malicious users to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.
Cisco Ios Xr 3.5.3
Cisco Ios Xr 3.5.4
Cisco Ios Xr 3.4.1
Cisco Ios Xr 3.4.2
Cisco Ios Xr 3.7.0
Cisco Ios Xr 3.6.0
Cisco Ios Xr 3.6.1
Cisco Ios Xr 3.4.3
Cisco Ios Xr 3.5.2
756
VMScore
CVE-2009-3369
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another ...
Craig Barratt Backuppc 3.1.0
802
VMScore
CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions prior to 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote malicious users to conduct brute force guessing attacks against cryptographic keys.
Openssl Openssl
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
3 EDB exploits
25 Github repositories
614
VMScore
CVE-2008-1483
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emac...
Openbsd Openssh 4.3p2
694
VMScore
CVE-2007-6360
Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware prior to 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote malicious users to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3)...
Sun Extended System Control Facility Xcp 1040
828
VMScore
CVE-2007-4995
Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8f allows remote malicious users to execute arbitrary code via unspecified vectors.
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »