Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh ssh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0844
The auth_via_key function in pam_ssh.c in pam_ssh prior to 1.92, when the allow_blank_passphrase option is disabled, allows remote malicious users to bypass authentication restrictions and use private encryption keys requiring a blank passphrase by entering a non-blank passphrase...
Pam Ssh Pam Ssh 1.91
7.5
CVSSv3
CVE-2017-2659
It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts.
Dropbear Ssh Project Dropbear Ssh
NA
CVE-2006-0705
Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server prior to 6.0.0.9, (2) Reflection for Secure IT Windows Server prior to 6.0 build 38, (3) F-Secure SSH Server for Windows prior to 5....
Attachmatewrq Reflection For Secure It Server 6.0
F-secure F-secure Ssh Server 3.0.0
F-secure F-secure Ssh Server 3.0.6
F-secure F-secure Ssh Server 3.0.7
F-secure F-secure Ssh Server 3.2.3
F-secure F-secure Ssh Server 5.0
F-secure F-secure Ssh Server 3.0.1
F-secure F-secure Ssh Server 3.0.8
F-secure F-secure Ssh Server 3.0.9
F-secure F-secure Ssh Server 5.1
F-secure F-secure Ssh Server 5.2
F-secure F-secure Ssh Server 3.0.2
F-secure F-secure Ssh Server 3.0.3
F-secure F-secure Ssh Server 3.1.0
F-secure F-secure Ssh Server 5.3
F-secure F-secure Ssh Server 3.0.4
F-secure F-secure Ssh Server 3.0.5
F-secure F-secure Ssh Server 3.1.0 Build9
F-secure F-secure Ssh Server 3.2.0
NA
CVE-2008-0132
Pragma FortressSSH 5.0 Build 4 Revision 293 and previous versions handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote malicious users to cause a d...
Pragmasys Fortress Ssh 5.0
Pragmasys Fortress Ssh
1 EDB exploit
8.8
CVSSv3
CVE-2021-45099
The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) prior to 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-i...
Ssh \\& Web Terminal Project Ssh \\& Web Terminal
NA
CVE-2002-1646
SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote malicious users to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.
Ssh Secure Shell For Servers 3.0
Ssh Secure Shell For Servers 3.0.1
Ssh Secure Shell For Servers 3.1
Ssh Secure Shell For Servers 3.1.1
NA
CVE-1999-1085
SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote malicious users to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and comput...
Ssh Secure Shell 1.2.23
Ssh Secure Shell 1.2.25
NA
CVE-2003-1119
SSH Secure Shell prior to 3.2.9 allows remote malicious users to cause a denial of service via malformed BER/DER packets.
Ssh Secure Shell 3.1
Ssh Secure Shell 3.2
NA
CVE-2003-1120
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
Ssh Tectia Server 4.0.3
Ssh Tectia Server 4.0.4
5.3
CVSSv3
CVE-2018-15599
The recv_msg_userauth_request function in svr-auth.c in Dropbear up to and including 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codeb...
Debian Debian Linux 8.0
Dropbear Ssh Project Dropbear Ssh
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »