Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-4559
Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh ...
Libssh Libssh
Libssh Libssh 0.4.7
Libssh Libssh 0.5.0
Libssh Libssh 0.4.8
Libssh Libssh 0.5.1
6.8
CVSSv2
CVE-2007-4321
fail2ban 0.8 and previous versions does not properly parse sshd log files, which allows remote malicious users to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via...
Fail2ban Fail2ban 0.8
1 EDB exploit
6.8
CVSSv2
CVE-2007-4322
BlockHosts prior to 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote malicious users to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated...
Ac Zoom Blockhosts 2.0.4
6.8
CVSSv2
CVE-2007-4323
DenyHosts 2.6 does not properly parse sshd log files, which allows remote malicious users to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client pr...
Denyhosts Denyhosts 2.6
6.8
CVSSv2
CVE-2001-1585
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote malicious users to...
Openbsd Openssh 2.3.1
6.5
CVSSv2
CVE-2021-27891
SSH Tectia Client and Server prior to 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected.
Ssh Tectia Client
Ssh Tectia Connectsecure -
Ssh Tectia Server
6.5
CVSSv2
CVE-2019-1859
A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an malicious user to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the...
Cisco Sg200-50 Firmware
Cisco Sg200-50p Firmware
Cisco Sg200-50fp Firmware
Cisco Sg200-26 Firmware
Cisco Sg200-26p Firmware
Cisco Sg200-26fp Firmware
Cisco Sg200-18 Firmware
Cisco Sg200-10fp Firmware
Cisco Sg200-08 Firmware
Cisco Sg200-08p Firmware
Cisco Sf200-24 Firmware
Cisco Sf200-24p Firmware
Cisco Sf200-24fp Firmware
Cisco Sf200-48 Firmware
Cisco Sf200-48p Firmware
Cisco Sf302-08pp Firmware
Cisco Sf302-08mpp Firmware
Cisco Sg300-10pp Firmware
Cisco Sg300-10mpp Firmware
Cisco Sf300-24pp Firmware
Cisco Sf300-48pp Firmware
Cisco Sg300-28pp Firmware
6.5
CVSSv2
CVE-2018-1000805
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
Paramiko Paramiko 2.1.5
Paramiko Paramiko 1.18.5
Paramiko Paramiko 2.3.2
Paramiko Paramiko 2.2.3
Paramiko Paramiko 2.4.1
Paramiko Paramiko 2.0.8
Paramiko Paramiko 1.17.6
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 6.7
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Tus 7.6
Redhat Virtualization Host 4.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Workstation 6.0
Redhat Ansible Tower 3.3
Redhat Enterprise Linux Server Aus 6.4
Redhat Enterprise Linux Server Aus 6.6
1 Github repository
6.5
CVSSv2
CVE-2005-4178
Buffer overflow in Dropbear server prior to 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
Dropbear Ssh Project Dropbear Ssh
Debian Debian Linux 3.0
Debian Debian Linux 3.1
6.4
CVSSv2
CVE-2022-1996
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
Go-restful Project Go-restful
Fedoraproject Fedora 35
Fedoraproject Fedora 36
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »