Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
418
VMScore
CVE-2017-9079
Dropbear prior to 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.
Dropbear Ssh Project Dropbear Ssh
Debian Debian Linux 8.0
446
VMScore
CVE-2018-15599
The recv_msg_userauth_request function in svr-auth.c in Dropbear up to and including 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codeb...
Debian Debian Linux 8.0
Dropbear Ssh Project Dropbear Ssh
2 Github repositories
756
VMScore
CVE-2017-9078
The server in Dropbear prior to 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.
Dropbear Ssh Project Dropbear Ssh
Debian Debian Linux 8.0
Netapp H410c Firmware -
356
VMScore
CVE-2001-0361
Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote malicious user to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.
Openbsd Openssh 1.2.3
Ssh Ssh
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
632
VMScore
CVE-2012-0920
Use-after-free vulnerability in Dropbear SSH Server 0.52 up to and including 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command reque...
Dropbear Ssh Project Dropbear Ssh
Debian Debian Linux 6.0
Debian Debian Linux 7.0
668
VMScore
CVE-2020-9355
danfruehauf NetworkManager-ssh prior to 1.2.11 allows privilege escalation because extra options are mishandled.
Networkmanager-ssh Project Networkmanager-ssh
Debian Debian Linux 9.0
Debian Debian Linux 10.0
578
VMScore
CVE-2005-4178
Buffer overflow in Dropbear server prior to 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
Dropbear Ssh Project Dropbear Ssh
Debian Debian Linux 3.0
Debian Debian Linux 3.1
356
VMScore
CVE-2022-30957
A missing permission check in Jenkins SSH Plugin 2.6.1 and previous versions allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Ssh
1 Github repository
605
VMScore
CVE-2022-30958
A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and previous versions allows malicious users to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenk...
Jenkins Ssh
1 Github repository
445
VMScore
CVE-2017-1000245
The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.
Jenkins Ssh
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »