Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2019-25017
An issue exists in rcp in MIT krb5-appl up to and including 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (o...
Mit Krb5-appl
5.8
CVSSv2
CVE-2019-17498
In libssh2 v1.9.0 and previous versions versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an malicious user to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclo...
Libssh2 Libssh2
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Element Software -
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Bootstrap Os -
1 Github repository
5.8
CVSSv2
CVE-2019-13115
In libssh2 prior to 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose se...
Libssh2 Libssh2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp E-series Santricity Os Controller
F5 Traffix Systems Signaling Delivery Controller
2 Github repositories
5.8
CVSSv2
CVE-2019-6111
An issue exists in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are...
Openbsd Openssh
Winscp Winscp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Fedoraproject Fedora 30
Apache Mina Sshd 2.2.0
2 EDB exploits
3 Github repositories
1 Article
5.8
CVSSv2
CVE-2014-2653
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and previous versions allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
Openbsd Openssh 6.4
Openbsd Openssh 6.3
Openbsd Openssh 6.5
Openbsd Openssh 6.2
Openbsd Openssh 6.1
Openbsd Openssh 6.0
Openbsd Openssh
5.8
CVSSv2
CVE-2014-2532
sshd in OpenSSH prior to 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote malicious users to bypass intended environment restrictions by using a substring located before a wildcard character.
Oracle Communications User Data Repository 10.0.1
Openbsd Openssh
Openbsd Openssh 6.4
Openbsd Openssh 6.1
Openbsd Openssh 6.0
Openbsd Openssh 6.3
Openbsd Openssh 6.2
5.5
CVSSv2
CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire \\& Hci Storage Node -
Brocade Fabric Operating System -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5.5
CVSSv2
CVE-2018-0381
A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent malicious user to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition th...
Cisco Aironet Access Points 8.2\\(166.0\\)
Cisco Aironet Access Points 8.2\\(167.3\\)
Cisco Aironet Access Points 8.3\\(133.0\\)
Cisco Aironet Access Points 8.3\\(141.10\\)
Cisco Aironet Access Points 8.5\\(120.0\\)
Cisco Aironet Access Points 8.7\\(1.96\\)
Cisco Aironet Access Points 8.7\\(1.99\\)
Cisco Aironet Access Points 8.7\\(1.107\\)
5
CVSSv2
CVE-2022-29526
Go prior to 1.17.10 and 1.18.x prior to 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Golang Go
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Beegfs Csi Driver -
5
CVSSv2
CVE-2022-27781
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to ret...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Hci Compute Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »