Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-0310
SSH 1.2.25 on HP-UX allows access to new user accounts.
Ssh Ssh 1.2.25
NA
CVE-1999-0787
The SSH authentication agent follows symlinks via a UNIX domain socket.
Ssh Ssh 1.2.27
1 EDB exploit
NA
CVE-1999-0248
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an malicious user to steal another user's credentials.
Ssh Ssh 1.2.27
NA
CVE-2007-5616
ssh-signer in SSH Tectia Client and Server 5.x prior to 5.2.4, and 5.3.x prior to 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors.
Ssh Tectia Client
Ssh Tectia Server
NA
CVE-2007-1654
Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Library (ne7ssh) prior to 1.2.1 allows user-assisted remote SFTP servers to cause a denial of service (crash) or possibly execute arbitrary code via multiple file transfers, related to m...
Netsieben Netsieben Ssh Library 1.1
Netsieben Netsieben Ssh Library 1.2.0
Netsieben Netsieben Ssh Library 1.03
Netsieben Netsieben Ssh Library 1.1.6
Netsieben Netsieben Ssh Library 1.1.5
NA
CVE-2005-4310
SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials.
Ssh Tectia Server 5.0.0 A
Ssh Tectia Server 5.0.0 F
Ssh Tectia Server 5.0.0 T
5.3
CVSSv3
CVE-2019-12953
Dropbear 2011.54 up to and including 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599.
Dropbear Ssh Project Dropbear Ssh
7.5
CVSSv3
CVE-2017-2659
It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts.
Dropbear Ssh Project Dropbear Ssh
NA
CVE-2007-0844
The auth_via_key function in pam_ssh.c in pam_ssh prior to 1.92, when the allow_blank_passphrase option is disabled, allows remote malicious users to bypass authentication restrictions and use private encryption keys requiring a blank passphrase by entering a non-blank passphrase...
Pam Ssh Pam Ssh 1.91
8.1
CVSSv3
CVE-2020-36254
scp.c in Dropbear prior to 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
Dropbear Ssh Project Dropbear Ssh
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »