Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh client vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2007-4752
ssh in OpenSSH prior to 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows malicious users to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Openbsd Openssh 4.3p2
Openbsd Openssh 4.3p1
Openbsd Openssh 4.0
Openbsd Openssh 4.3
Openbsd Openssh 4.2p1
Openbsd Openssh 4.4p1
Openbsd Openssh 4.4
Openbsd Openssh 4.1
Openbsd Openssh 4.0p1
Openbsd Openssh
Openbsd Openssh 4.5
Openbsd Openssh 4.2
Openbsd Openssh 4.1p1
668
VMScore
CVE-2007-1099
dbclient in Dropbear SSH client prior to 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote malicious users to conduct man-in-the-middle attacks.
Dropbear Ssh Project Dropbear Ssh
668
VMScore
CVE-2003-0386
OpenSSH 3.6.1 and previous versions, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote malicious users to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose r...
Openbsd Openssh 3.6.1
668
VMScore
CVE-2003-0258
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x up to and including 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote malicious users to reach the private network without authentication.
Cisco Vpn 3015 Concentrator
Cisco Vpn 3030 Concentator
Cisco Vpn 3000 Concentrator Series Software 3.5.4
Cisco Vpn 3000 Concentrator Series Software 3.5.5
Cisco Vpn 3000 Concentrator Series Software 3.6
Cisco Vpn 3000 Concentrator Series Software 3.6.7.a
Cisco Vpn 3000 Concentrator Series Software 3.6.7.b
Cisco Vpn 3000 Concentrator Series Software 3.5\\(rel\\)
Cisco Vpn 3000 Concentrator Series Software 3.5.1
Cisco Vpn 3000 Concentrator Series Software 4.0
Cisco Vpn 3000 Concentrator Series Software 3.6.3
Cisco Vpn 3005 Concentrator Software 4.0.1
Cisco Vpn 3060 Concentrator
Cisco Vpn 3080 Concentrator
Cisco Vpn 3000 Concentrator Series Software 3.6.1
Cisco Vpn 3000 Concentrator Series Software 3.6.7d
Cisco Vpn 3000 Concentrator Series Software 3.6.7.c
Cisco Vpn 3000 Concentrator Series Software 3.6.7.d
Cisco Vpn 3000 Concentrator Series Software 3.5.2
Cisco Vpn 3000 Concentrator Series Software 3.5.3
Cisco Vpn 3000 Concentrator Series Software 3.6.5
Cisco Vpn 3000 Concentrator Series Software 3.6.7
668
VMScore
CVE-2002-0655
OpenSSL 0.9.6d and previous versions, and 0.9.7-beta2 and previous versions, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow malicious users to cause a denial of service and possibly execute arbitrary code.
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Oracle Application Server 1.0.2
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Oracle Corporate Time Outlook Connector 3.1.1
Oracle Corporate Time Outlook Connector 3.1.2
Oracle Corporate Time Outlook Connector 3.3
Oracle Http Server 9.0.1
Oracle Application Server 1.0.2.2
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6b
Oracle Application Server
Oracle Application Server 1.0.2.1s
Oracle Corporate Time Outlook Connector 3.1
Oracle Http Server 9.2.0
668
VMScore
CVE-2002-0657
Buffer overflow in OpenSSL 0.9.7 prior to 0.9.7-beta3, with Kerberos enabled, allows malicious users to execute arbitrary code via a long master key.
Openssl Openssl 0.9.7
668
VMScore
CVE-2001-1473
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's publi...
Ssh Ssh 1.2.29
Ssh Ssh 1.2.30
Ssh Ssh 1.2.24
Ssh Ssh 1.2.31
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.25
Ssh Ssh 1.2.26
668
VMScore
CVE-2000-1169
OpenSSH SSH client prior to 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.
Openbsd Openssh 2.2
668
VMScore
CVE-1999-1321
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote malicious users to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.
Mit Kerberos V
643
VMScore
CVE-2016-10012
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH prior to 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation ...
Openbsd Openssh
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »