Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1206
Matt Johnston Dropbear SSH server 0.47 and previous versions, as used in embedded Linux devices and on general-purpose operating systems, allows remote malicious users to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds...
Dropbear Ssh Project Dropbear Ssh
1 EDB exploit
NA
CVE-2007-1099
dbclient in Dropbear SSH client prior to 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote malicious users to conduct man-in-the-middle attacks.
Dropbear Ssh Project Dropbear Ssh
NA
CVE-2006-0705
Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server prior to 6.0.0.9, (2) Reflection for Secure IT Windows Server prior to 6.0 build 38, (3) F-Secure SSH Server for Windows prior to 5....
Attachmatewrq Reflection For Secure It Server 6.0
F-secure F-secure Ssh Server 3.0.0
F-secure F-secure Ssh Server 3.0.6
F-secure F-secure Ssh Server 3.0.7
F-secure F-secure Ssh Server 3.2.3
F-secure F-secure Ssh Server 5.0
F-secure F-secure Ssh Server 3.0.1
F-secure F-secure Ssh Server 3.0.8
F-secure F-secure Ssh Server 3.0.9
F-secure F-secure Ssh Server 5.1
F-secure F-secure Ssh Server 5.2
F-secure F-secure Ssh Server 3.0.2
F-secure F-secure Ssh Server 3.0.3
F-secure F-secure Ssh Server 3.1.0
F-secure F-secure Ssh Server 5.3
F-secure F-secure Ssh Server 3.0.4
F-secure F-secure Ssh Server 3.0.5
F-secure F-secure Ssh Server 3.1.0 Build9
F-secure F-secure Ssh Server 3.2.0
NA
CVE-2008-0132
Pragma FortressSSH 5.0 Build 4 Revision 293 and previous versions handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote malicious users to cause a d...
Pragmasys Fortress Ssh 5.0
Pragmasys Fortress Ssh
1 EDB exploit
8.8
CVSSv3
CVE-2021-45099
The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) prior to 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-i...
Ssh \\& Web Terminal Project Ssh \\& Web Terminal
NA
CVE-2002-1646
SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote malicious users to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.
Ssh Secure Shell For Servers 3.0
Ssh Secure Shell For Servers 3.0.1
Ssh Secure Shell For Servers 3.1
Ssh Secure Shell For Servers 3.1.1
NA
CVE-2003-1119
SSH Secure Shell prior to 3.2.9 allows remote malicious users to cause a denial of service via malformed BER/DER packets.
Ssh Secure Shell 3.1
Ssh Secure Shell 3.2
NA
CVE-2003-1120
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
Ssh Tectia Server 4.0.3
Ssh Tectia Server 4.0.4
NA
CVE-1999-1085
SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote malicious users to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and comput...
Ssh Secure Shell 1.2.23
Ssh Secure Shell 1.2.25
4.7
CVSSv3
CVE-2017-9079
Dropbear prior to 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.
Dropbear Ssh Project Dropbear Ssh
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »