Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openssh vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2001-0361
Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote malicious user to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.
Openbsd Openssh 1.2.3
Ssh Ssh
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
314
VMScore
CVE-2011-5000
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and previous versions, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may...
Openbsd Openssh 5.5
Openbsd Openssh 5.4
Openbsd Openssh 4.6
Openbsd Openssh 4.5
Openbsd Openssh 4.0
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 1.2.3
Openbsd Openssh 1.2.1
Openbsd Openssh
Openbsd Openssh 5.1
Openbsd Openssh 5.0
Openbsd Openssh 4.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 4.4
312
VMScore
CVE-2012-0814
The auth_parse_options function in auth-options.c in sshd in OpenSSH prior to 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by ...
Openbsd Openssh 5.4
Openbsd Openssh 2
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 5.5
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh 5.3
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.8
Openbsd Openssh 4.9
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
1 Github repository
265
VMScore
CVE-2006-5229
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote malicious users to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as d...
Openbsd Openssh 4.1
1 EDB exploit
233
VMScore
CVE-2021-36368
An issue exists in OpenSSH prior to 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO au...
Openbsd Openssh
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8 Github repositories
232
VMScore
CVE-2008-5161
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 up to and including 4.4.11, 5.0 up to and including 5.2.4, and 5.3 up to and including 5.3.8; Client and Server and ConnectSecure 6.0 up to and including 6.0.4; Server for Linux on IBM System...
Openbsd Openssh 4.7p1
Ssh Tectia Client 4.0
Ssh Tectia Client 4.0.1
Ssh Tectia Client 4.3.1
Ssh Tectia Client 4.3.1j
Ssh Tectia Client 4.3.2
Ssh Tectia Client 4.3.8k
Ssh Tectia Client 4.3.9k
Ssh Tectia Client 4.4.7
Ssh Tectia Client 4.4.8
Ssh Tectia Server 4.3
Ssh Tectia Server 4.3.1
Ssh Tectia Server 4.4.2
Ssh Tectia Server 4.4.4
Ssh Tectia Server 4.4.10
Ssh Tectia Server 4.4.11
Ssh Tectia Connector 4.3.5
Ssh Tectia Connector 4.4.0
Ssh Tectia Connector 5.0.0
Ssh Tectia Connector 5.0.1
Ssh Tectia Client 4.0.5
Ssh Tectia Client 4.2
4 Github repositories
231
VMScore
CVE-2018-20685
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
Openbsd Openssh
Winscp Winscp
Netapp Cloud Backup -
Netapp Element Software -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
1 Github repository
1 Article
215
VMScore
CVE-2001-1029
libutil in OpenSSH on FreeBSD 4.4 and previous versions does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or...
Openbsd Openssh 4.5
Freebsd Freebsd
1 EDB exploit
190
VMScore
CVE-2011-4327
ssh-keysign.c in ssh-keysign in OpenSSH prior to 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
Openbsd Openssh 5.4
Openbsd Openssh 5.3
Openbsd Openssh 5.2
Openbsd Openssh 5.1
Openbsd Openssh 4.1p1
Openbsd Openssh 4.1
Openbsd Openssh 4.0p1
Openbsd Openssh 4.0
Openbsd Openssh 3.6.1
Openbsd Openssh 3.6
Openbsd Openssh 3.5p1
Openbsd Openssh 3.5
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0
Openbsd Openssh 2.9p2
Openbsd Openssh 1.5.8
Openbsd Openssh 1.5.7
Openbsd Openssh 1.5
Openbsd Openssh 1.3
Openbsd Openssh 4.6
Openbsd Openssh 4.5
188
VMScore
CVE-2016-10011
authfile.c in sshd in OpenSSH prior to 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
Openbsd Openssh
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »