Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssh vulnerabilities and exploits
(subscribe to this query)
188
VMScore
CVE-2016-10011
authfile.c in sshd in OpenSSH prior to 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
Openbsd Openssh
643
VMScore
CVE-2016-10012
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH prior to 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation ...
Openbsd Openssh
570
VMScore
CVE-2004-1653
The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.
Openbsd Openssh
383
VMScore
CVE-2020-14145
The client side in OpenSSH 5.7 up to and including 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle malicious users to target initial connection attempts (where no host key for the server has been cached ...
Openbsd Openssh 8.4
Openbsd Openssh
Openbsd Openssh 8.5
Openbsd Openssh 8.6
Netapp Aff A700s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
1 Github repository
668
VMScore
CVE-2003-0386
OpenSSH 3.6.1 and previous versions, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote malicious users to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose r...
Openbsd Openssh 3.6.1
668
VMScore
CVE-2000-1169
OpenSSH SSH client prior to 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.
Openbsd Openssh 2.2
445
VMScore
CVE-2005-2797
OpenSSH 4.0, and other versions prior to 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
Openbsd Openssh 4.0
187
VMScore
CVE-1999-1010
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
Openbsd Openssh 1.2.27
1 Github repository
445
VMScore
CVE-2006-4925
packet.c in ssh in OpenSSH allows remote malicious users to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
Openbsd Openssh 4.5
446
VMScore
CVE-2020-12062
The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirec...
Openbsd Openssh 8.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »