Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-43565
The x/crypto/ssh package prior to 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an malicious user to panic an SSH server.
Golang Ssh
1 Github repository
4
CVSSv2
CVE-2022-30959
A missing permission check in Jenkins SSH Plugin 2.6.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenk...
Jenkins Ssh
1 Github repository
5
CVSSv2
CVE-2020-29652
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote malicious users to cause a denial of service against SSH servers.
Golang Ssh
2 Github repositories
10
CVSSv2
CVE-2005-2771
WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote malicious users to bypass intended restrictions and login to ...
F-secure F-secure Ssh Server 5.1
F-secure F-secure Ssh Server 5.3
F-secure F-secure Ssh Server 5.2
Wrq Wrq Reflection For Secure It Windows Server 6.0
4
CVSSv2
CVE-2018-1000601
A arbitrary file read vulnerability exists in Jenkins SSH Credentials Plugin 1.13 and previous versions in BasicSSHUserPrivateKey.java that allows attackers with a Jenkins account and the permission to configure credential bindings to read arbitrary files from the Jenkins master ...
Jenkins Ssh Credentials
6.8
CVSSv2
CVE-2017-2648
It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks.
Jenkins Ssh Slaves
5
CVSSv2
CVE-2001-0364
SSH Communications Security sshd 2.4 for Windows allows remote malicious users to create a denial of service via a large number of simultaneous connections.
Ssh Ssh2 2.4
4
CVSSv2
CVE-2018-1999036
An exposure of sensitive information vulnerability exists in Jenkins SSH Agent Plugin 1.15 and previous versions in SSHAgentStepExecution.java that exposes the SSH private key password to users with permission to read the build log.
Jenkins Ssh Agent
4
CVSSv2
CVE-2022-20620
Missing permission checks in Jenkins SSH Agent Plugin 1.23 and previous versions allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Ssh Agent
4.6
CVSSv2
CVE-1999-1159
SSH 2.0.11 and previous versions allows local users to request remote forwarding from privileged ports without being root.
Ssh Ssh2 2.0.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »