Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-25592
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
Saltstack Salt 3001
Saltstack Salt
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
1 Article
187
VMScore
CVE-1999-1010
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
Openbsd Openssh 1.2.27
1 Github repository
561
VMScore
CVE-2012-5014
Cisco IOS prior to 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436.
Cisco Ios
Cisco Ios 15.1\\(1\\)sy1
Cisco Ios 15.1
Cisco Ios 15.1\\(1\\)sy2
Cisco Ios 15.1\\(1\\)sy
578
VMScore
CVE-2019-1859
A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an malicious user to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the...
Cisco Sg200-50 Firmware
Cisco Sg200-50p Firmware
Cisco Sg200-50fp Firmware
Cisco Sg200-26 Firmware
Cisco Sg200-26p Firmware
Cisco Sg200-26fp Firmware
Cisco Sg200-18 Firmware
Cisco Sg200-10fp Firmware
Cisco Sg200-08 Firmware
Cisco Sg200-08p Firmware
Cisco Sf200-24 Firmware
Cisco Sf200-24p Firmware
Cisco Sf200-24fp Firmware
Cisco Sf200-48 Firmware
Cisco Sf200-48p Firmware
Cisco Sf302-08pp Firmware
Cisco Sf302-08mpp Firmware
Cisco Sg300-10pp Firmware
Cisco Sg300-10mpp Firmware
Cisco Sf300-24pp Firmware
Cisco Sf300-48pp Firmware
Cisco Sg300-28pp Firmware
572
VMScore
CVE-2019-3861
An out of bounds read flaw exists in libssh2 prior to 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Libssh2 Libssh2
Debian Debian Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Opensuse Leap 42.3
Opensuse Leap 15.0
409
VMScore
CVE-2003-0046
AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
Celestial Software Absolutetelnet 2.11
NA
CVE-2023-43660
Warpgate is a smart SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. The SSH key verification for a user can be bypassed by sending an SSH key offer without a signature. This allows bypassing authentication under following conditions: 1. The...
Warpgate Project Warpgate
605
VMScore
CVE-2001-1585
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote malicious users to...
Openbsd Openssh 2.3.1
890
VMScore
CVE-2017-14459
An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject commands via the username param...
Moxa Awk-3131a Firmware 1.7
Moxa Awk-3131a Firmware 1.5
Moxa Awk-3131a Firmware 1.4
Moxa Awk-3131a Firmware 1.6
NA
CVE-2023-28436
Tailscale is software for using Wireguard and multi-factor authentication (MFA). A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to before 1.38.2 in FreeBSD allows commands to be run with a higher privilege group ID than that...
Tailscale Tailscale
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »