Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssh vulnerabilities and exploits
(subscribe to this query)
447
VMScore
CVE-2018-15919
Remotely observable behaviour in auth-gss2.c in OpenSSH up to and including 7.8 could be used by remote malicious users to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to ...
Openbsd Openssh
Netapp Cloud Backup -
Netapp Steelstore -
Netapp Data Ontap Edge -
Netapp Ontap Select Deploy -
Netapp Cn1610 Firmware -
8 Github repositories
384
VMScore
CVE-2016-20012
OpenSSH up to and including 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be va...
Openbsd Openssh
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
4 Github repositories
393
VMScore
CVE-2019-16905
OpenSSH 7.7 up to and including 7.9 and 8.x prior to 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an e...
Openbsd Openssh
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Siemens Scalance X204rna Firmware
Siemens Scalance X204rna Ecc Firmware
NA
CVE-2023-25136
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address...
Openbsd Openssh 9.1
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Ontap Select Deploy Administration Utility -
Netapp A250 Firmware -
Netapp 500f Firmware -
Netapp C250 Firmware -
10 Github repositories
410
VMScore
CVE-2019-6110
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
Openbsd Openssh
Winscp Winscp
Netapp Element Software -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Siemens Scalance X204rna Firmware
Siemens Scalance X204rna Eec Firmware
2 EDB exploits
1 Github repository
1 Article
505
VMScore
CVE-2000-0992
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
Ssh Ssh 1.2.21
Ssh Ssh 1.2.15
Ssh Ssh 1.2.14
Ssh Ssh 1.2.19
Ssh Ssh 1.2.31
Ssh Ssh 1.2.24
Ssh Ssh 1.2.18
Openbsd Openssh 1.2.3
Ssh Ssh 1.2.20
Openbsd Openssh 1.2
Ssh Ssh 1.2.25
Ssh Ssh 1.2.17
Ssh Ssh 1.2.30
Ssh Ssh 1.2.26
Ssh Ssh 1.2.27
Ssh Ssh 1.2.16
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.22
Ssh Ssh 1.2.23
1 EDB exploit
668
VMScore
CVE-2001-0572
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote malicious user to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password gu...
Ssh Ssh 1.2.31
Ssh Ssh 1.2.24
Ssh Ssh 1.2.25
Ssh Ssh 1.2.30
Openbsd Openssh 4.5
Ssh Ssh 1.2.26
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
641
VMScore
CVE-2001-0872
OpenSSH 3.0.1 and previous versions with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
Openbsd Openssh
Redhat Linux 7.0
Redhat Linux 7.2
Suse Suse Linux 7.2
Suse Suse Linux 7.0
Suse Suse Linux 7.1
Suse Suse Linux 6.4
Suse Suse Linux 7.3
Redhat Linux 7.1
410
VMScore
CVE-2021-28041
ssh-agent in OpenSSH prior to 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
Openbsd Openssh
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Compute Node Firmware -
Netapp Hci Storage Node Firmware -
Oracle Zfs Storage Appliance 8.8
Oracle Communications Offline Mediation Controller 12.0.0.3.0
2 Github repositories
409
VMScore
CVE-2000-0143
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
Ssh Ssh 1.2.6
Ssh Ssh 1.2.0
Ssh Ssh 1.2.9
Ssh Ssh 1.2.21
Ssh Ssh 1.2.15
Ssh Ssh 1.2.4
Ssh Ssh 1.2.14
Ssh Ssh 1.2.19
Openbsd Openssh
Ssh Ssh 1.2.8
Ssh Ssh 1.2.24
Ssh Ssh 1.2.18
Ssh Ssh 1.2.7
Ssh Ssh 1.2.20
Openbsd Openssh 1.2
Ssh Ssh 1.2.3
Ssh Ssh 1.2.12
Ssh Ssh 1.2.25
Ssh Ssh 1.2.17
Ssh Ssh 1.2.1
Ssh Ssh 1.2.26
Ssh Ssh 1.2.27
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »