Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssh vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2008-3234
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
Openbsd Openssh 4.0
1 EDB exploit
668
VMScore
CVE-2003-0386
OpenSSH 3.6.1 and previous versions, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote malicious users to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose r...
Openbsd Openssh 3.6.1
605
VMScore
CVE-2001-1585
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote malicious users to...
Openbsd Openssh 2.3.1
668
VMScore
CVE-2000-1169
OpenSSH SSH client prior to 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.
Openbsd Openssh 2.2
890
VMScore
CVE-2000-0999
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow malicious users to gain root privileges.
Openbsd Openssh 4.5
187
VMScore
CVE-1999-1010
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
Openbsd Openssh 1.2.27
1 Github repository
383
VMScore
CVE-2020-14145
The client side in OpenSSH 5.7 up to and including 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle malicious users to target initial connection attempts (where no host key for the server has been cached ...
Openbsd Openssh 8.4
Openbsd Openssh
Openbsd Openssh 8.5
Openbsd Openssh 8.6
Netapp Aff A700s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
1 Github repository
786
VMScore
CVE-2016-6515
The auth_password function in auth-passwd.c in sshd in OpenSSH prior to 7.3 does not limit password lengths for password authentication, which allows remote malicious users to cause a denial of service (crypt CPU consumption) via a long string.
Openbsd Openssh
Fedoraproject Fedora 24
1 EDB exploit
3 Github repositories
215
VMScore
CVE-2001-1029
libutil in OpenSSH on FreeBSD 4.4 and previous versions does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or...
Openbsd Openssh 4.5
Freebsd Freebsd
1 EDB exploit
668
VMScore
CVE-2002-0765
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
Openbsd Openssh 3.2.2
Openbsd Openbsd 3.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »