Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-1010
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
Openbsd Openssh 1.2.27
1 Github repository
NA
CVE-2012-5014
Cisco IOS prior to 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436.
Cisco Ios
Cisco Ios 15.1\\(1\\)sy1
Cisco Ios 15.1
Cisco Ios 15.1\\(1\\)sy2
Cisco Ios 15.1\\(1\\)sy
NA
CVE-2003-0046
AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
Celestial Software Absolutetelnet 2.11
7.2
CVSSv3
CVE-2019-1859
A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an malicious user to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the...
Cisco Sg200-50 Firmware
Cisco Sg200-50p Firmware
Cisco Sg200-50fp Firmware
Cisco Sg200-26 Firmware
Cisco Sg200-26p Firmware
Cisco Sg200-26fp Firmware
Cisco Sg200-18 Firmware
Cisco Sg200-10fp Firmware
Cisco Sg200-08 Firmware
Cisco Sg200-08p Firmware
Cisco Sf200-24 Firmware
Cisco Sf200-24p Firmware
Cisco Sf200-24fp Firmware
Cisco Sf200-48 Firmware
Cisco Sf200-48p Firmware
Cisco Sf302-08pp Firmware
Cisco Sf302-08mpp Firmware
Cisco Sg300-10pp Firmware
Cisco Sg300-10mpp Firmware
Cisco Sf300-24pp Firmware
Cisco Sf300-48pp Firmware
Cisco Sg300-28pp Firmware
9.1
CVSSv3
CVE-2019-3861
An out of bounds read flaw exists in libssh2 prior to 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Libssh2 Libssh2
Debian Debian Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Opensuse Leap 42.3
Opensuse Leap 15.0
8.1
CVSSv3
CVE-2023-43660
Warpgate is a smart SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. The SSH key verification for a user can be bypassed by sending an SSH key offer without a signature. This allows bypassing authentication under following conditions: 1. The...
Warpgate Project Warpgate
9.8
CVSSv3
CVE-2017-14459
An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject commands via the username param...
Moxa Awk-3131a Firmware 1.7
Moxa Awk-3131a Firmware 1.5
Moxa Awk-3131a Firmware 1.4
Moxa Awk-3131a Firmware 1.6
NA
CVE-2001-1585
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote malicious users to...
Openbsd Openssh 2.3.1
8
CVSSv3
CVE-2023-28436
Tailscale is software for using Wireguard and multi-factor authentication (MFA). A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to before 1.38.2 in FreeBSD allows commands to be run with a higher privilege group ID than that...
Tailscale Tailscale
9.8
CVSSv3
CVE-2020-16846
An issue exists in SaltStack Salt up to and including 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
Saltstack Salt 3001
Saltstack Salt
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »