Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY prior to 0.71.
Putty Putty
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Netapp Oncommand Unified Manager -
9.8
CVSSv3
CVE-2017-14459
An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current). An attacker can inject commands via the username param...
Moxa Awk-3131a Firmware 1.7
Moxa Awk-3131a Firmware 1.5
Moxa Awk-3131a Firmware 1.4
Moxa Awk-3131a Firmware 1.6
9.8
CVSSv3
CVE-2018-7749
The SSH server implementation of AsyncSSH prior to 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step.
Asyncssh Project Asyncssh
9.8
CVSSv3
CVE-2017-7494
Samba since version 3.5.0 and prior to 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits
2 Nmap scripts
125 Github repositories
3 Articles
9.1
CVSSv3
CVE-2022-1996
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
Go-restful Project Go-restful
Fedoraproject Fedora 35
Fedoraproject Fedora 36
1 Github repository
9.1
CVSSv3
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
3 Github repositories
9.1
CVSSv3
CVE-2019-3860
An out of bounds read flaw exists in libssh2 prior to 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Libssh2 Libssh2
Debian Debian Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Opensuse Leap 42.3
Opensuse Leap 15.0
9.1
CVSSv3
CVE-2019-3861
An out of bounds read flaw exists in libssh2 prior to 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Libssh2 Libssh2
Debian Debian Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Opensuse Leap 42.3
Opensuse Leap 15.0
9.1
CVSSv3
CVE-2019-3858
An out of bounds read flaw exists in libssh2 prior to 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Libssh2 Libssh2
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Opensuse Leap 42.3
Opensuse Leap 15.0
9.1
CVSSv3
CVE-2019-3859
An out of bounds read flaw exists in libssh2 prior to 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Libssh2 Libssh2
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Ontap Select Deploy Administration Utility -
Opensuse Leap 42.3
Opensuse Leap 15.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »