Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2013-4421
The buf_decompress function in packet.c in Dropbear SSH Server prior to 2013.59 allows remote malicious users to cause a denial of service (memory consumption) via a compressed packet that has a large size when it is decompressed.
Dropbear Ssh Project Dropbear Ssh
445
VMScore
CVE-2019-12953
Dropbear 2011.54 up to and including 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599.
Dropbear Ssh Project Dropbear Ssh
578
VMScore
CVE-2006-0705
Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server prior to 6.0.0.9, (2) Reflection for Secure IT Windows Server prior to 6.0 build 38, (3) F-Secure SSH Server for Windows prior to 5....
Attachmatewrq Reflection For Secure It Server 6.0
F-secure F-secure Ssh Server 3.0.0
F-secure F-secure Ssh Server 3.0.6
F-secure F-secure Ssh Server 3.0.7
F-secure F-secure Ssh Server 3.2.3
F-secure F-secure Ssh Server 5.0
F-secure F-secure Ssh Server 3.0.1
F-secure F-secure Ssh Server 3.0.8
F-secure F-secure Ssh Server 3.0.9
F-secure F-secure Ssh Server 5.1
F-secure F-secure Ssh Server 5.2
F-secure F-secure Ssh Server 3.0.2
F-secure F-secure Ssh Server 3.0.3
F-secure F-secure Ssh Server 3.1.0
F-secure F-secure Ssh Server 5.3
F-secure F-secure Ssh Server 3.0.4
F-secure F-secure Ssh Server 3.0.5
F-secure F-secure Ssh Server 3.1.0 Build9
F-secure F-secure Ssh Server 3.2.0
505
VMScore
CVE-2008-0132
Pragma FortressSSH 5.0 Build 4 Revision 293 and previous versions handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote malicious users to cause a d...
Pragmasys Fortress Ssh 5.0
Pragmasys Fortress Ssh
1 EDB exploit
605
VMScore
CVE-2021-45099
The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) prior to 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-i...
Ssh \\& Web Terminal Project Ssh \\& Web Terminal
668
VMScore
CVE-2002-1646
SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote malicious users to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.
Ssh Secure Shell For Servers 3.0
Ssh Secure Shell For Servers 3.0.1
Ssh Secure Shell For Servers 3.1
Ssh Secure Shell For Servers 3.1.1
445
VMScore
CVE-1999-1085
SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote malicious users to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and comput...
Ssh Secure Shell 1.2.23
Ssh Secure Shell 1.2.25
329
VMScore
CVE-2003-1120
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
Ssh Tectia Server 4.0.3
Ssh Tectia Server 4.0.4
445
VMScore
CVE-2003-1119
SSH Secure Shell prior to 3.2.9 allows remote malicious users to cause a denial of service via malformed BER/DER packets.
Ssh Secure Shell 3.1
Ssh Secure Shell 3.2
446
VMScore
CVE-2018-15599
The recv_msg_userauth_request function in svr-auth.c in Dropbear up to and including 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codeb...
Debian Debian Linux 8.0
Dropbear Ssh Project Dropbear Ssh
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »