Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh ssh 1.2.0 vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2023-28321
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather t...
Haxx Curl
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Clustered Data Ontap -
Netapp Ontap Antivirus Connector -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
1 Github repository
5.9
CVSSv3
CVE-2023-27536
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability aff...
Haxx Libcurl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Ontap 9
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
9.8
CVSSv3
CVE-2022-35843
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 up to and including 7.0.7, 6.4.0 up to and including 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 up to and including 7...
Fortinet Fortiproxy
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
6.5
CVSSv3
CVE-2022-36908
A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and previous versions allows malicious users to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenk...
Jenkins Openshift Deployer
6.5
CVSSv3
CVE-2022-36909
A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and previous versions allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenk...
Jenkins Openshift Deployer
5.9
CVSSv3
CVE-2021-36221
Go prior to 1.15.15 and 1.16.x prior to 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
Golang Go
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Timesten In-memory Database
Siemens Scalance Lpe9403 Firmware
NA
CVE-2014-4749
IBM PowerVC 1.2.0 before FixPack3 does not properly use the known_hosts file, which allows man-in-the-middle malicious users to spoof SSH servers via an arbitrary server key.
Ibm Powervc 1.2.0.2
Ibm Powervc 1.2.0.0
Ibm Powervc 1.2.0.1
NA
CVE-2013-4490
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell prior to 1.7.3, as used in GitLab 5.0 prior to 5.4.1 and 6.x prior to 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Gitlab Gitlab 6.0.0
Gitlab Gitlab 6.2.0
Gitlab Gitlab 5.2.0
Gitlab Gitlab 5.0.1
Gitlab Gitlab-shell
Gitlab Gitlab-shell 1.4.0
Gitlab Gitlab-shell 1.2.0
Gitlab Gitlab-shell 1.7.1
Gitlab Gitlab-shell 1.7.0
Gitlab Gitlab-shell 1.6.0
Gitlab Gitlab-shell 1.5.0
Gitlab Gitlab 6.2.1
Gitlab Gitlab 6.2.2
Gitlab Gitlab 5.4.0
Gitlab Gitlab 5.3.0
Gitlab Gitlab-shell 1.0.4
Gitlab Gitlab 6.1.0
Gitlab Gitlab 5.1.0
Gitlab Gitlab 5.0.0
Gitlab Gitlab-shell 1.3.0
Gitlab Gitlab-shell 1.1.0
1 EDB exploit
NA
CVE-2013-4581
GitLab 5.0 prior to 5.4.2, Community Edition prior to 6.2.4, Enterprise Edition prior to 6.2.1 and gitlab-shell prior to 1.7.8 allows remote malicious users to execute arbitrary code via a crafted change using SSH.
Gitlab Gitlab 3.1.0
Gitlab Gitlab 3.0.3
Gitlab Gitlab 3.0.2
Gitlab Gitlab 3.0.1
Gitlab Gitlab 2.1.0
Gitlab Gitlab 2.0.0
Gitlab Gitlab 1.2.2
Gitlab Gitlab 1.2.1
Gitlab Gitlab 1.2.0
Gitlab Gitlab 6.1.0
Gitlab Gitlab 6.0.0
Gitlab Gitlab 5.4.1
Gitlab Gitlab 5.0.1
Gitlab Gitlab 4.2.0
Gitlab Gitlab 4.0.0
Gitlab Gitlab 3.0.0
Gitlab Gitlab 2.9.0
Gitlab Gitlab 2.3.1
Gitlab Gitlab 2.2.0
Gitlab Gitlab 1.0.2
Gitlab Gitlab 1.0.0
Gitlab Gitlab
NA
CVE-2013-0220
The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) prior to 1.9.4 allow remote malicious users...
Fedoraproject Sssd 0.5.0
Fedoraproject Sssd 1.8.0
Fedoraproject Sssd 1.5.8
Fedoraproject Sssd 1.7.0
Fedoraproject Sssd 0.3.1
Fedoraproject Sssd 1.2.3
Fedoraproject Sssd 1.9.1
Fedoraproject Sssd 1.5.2
Fedoraproject Sssd 1.0.4
Fedoraproject Sssd 1.6.4
Fedoraproject Sssd 1.8.2
Fedoraproject Sssd 1.5.13
Fedoraproject Sssd 0.7.1
Fedoraproject Sssd 1.4.0
Fedoraproject Sssd 1.2.2
Fedoraproject Sssd 1.1.92
Fedoraproject Sssd 1.2.4
Fedoraproject Sssd 1.9.2
Fedoraproject Sssd 1.8.5
Fedoraproject Sssd 1.5.0
Fedoraproject Sssd 1.5.5
Fedoraproject Sssd 1.8.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »