Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh2 vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2002-1644
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 up to and including 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows malicious users to gain certain privileges.
Ssh Ssh2 2.4
Ssh Ssh2 2.5
Ssh Ssh2 3.1.4
Ssh Ssh2 3.2
Ssh Ssh2 3.0
Ssh Ssh2 3.0.1
Ssh Ssh2 3.2.1
Ssh Ssh2 2.2
Ssh Ssh2 2.3
Ssh Ssh2 3.1.2
Ssh Ssh2 3.1.3
Ssh Ssh2 2.0.13
Ssh Ssh2 2.1
Ssh Ssh2 3.1
Ssh Ssh2 3.1.1
445
VMScore
CVE-1999-1231
ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote malicious users to determine user account names on the server.
Ssh Ssh2 2.0.10
Ssh Ssh2 2.0.11
Ssh Ssh2 2.0.7
Ssh Ssh2 2.0.8
Ssh Ssh2 2.0.12
Ssh Ssh2 2.0.2
Ssh Ssh2 2.0.9
Ssh Ssh2 2.0.3
Ssh Ssh2 2.0.4
Ssh Ssh2 2.0
Ssh Ssh2 2.0.1
Ssh Ssh2 2.0.5
Ssh Ssh2 2.0.6
668
VMScore
CVE-1999-1029
SSH server (sshd2) prior to 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote malicious user to guess the password without showing up in the audit logs.
Ssh Ssh2 2.0.5
Ssh Ssh2 2.0.6
Ssh Ssh2 2.0.3
Ssh Ssh2 2.0.4
Ssh Ssh2 2.0.11
Ssh Ssh2 2.0.2
Ssh Ssh2 2.0.9
Ssh Ssh2 2.0
Ssh Ssh2 2.0.1
Ssh Ssh2 2.0.10
Ssh Ssh2 2.0.7
Ssh Ssh2 2.0.8
890
VMScore
CVE-2002-1645
Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote malicious users to execute arbitrary code via a long URL.
Ssh Ssh2 3.2
Ssh Ssh2 3.1
Ssh Ssh2 3.1.3
Ssh Ssh2 3.1.4
Ssh Ssh2 3.1.1
Ssh Ssh2 3.1.2
725
VMScore
CVE-2002-1715
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
Ssh Ssh 1.2.0
Ssh Ssh 1.2.16
Ssh Ssh 1.2.1
Ssh Ssh 1.2.10
Ssh Ssh 1.2.18
Ssh Ssh 1.2.19
Ssh Ssh 1.2.25
Ssh Ssh 1.2.26
Ssh Ssh 1.2.4
Ssh Ssh 1.2.5
Ssh Ssh2 2.0.11
Ssh Ssh2 2.0.12
Ssh Ssh2 2.0.7
Ssh Ssh2 2.0.8
Ssh Ssh2 3.0
Ssh Ssh 1.2.11
Ssh Ssh 1.2.12
Ssh Ssh 1.2.2
Ssh Ssh 1.2.20
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.6
1 EDB exploit
454
VMScore
CVE-2000-0217
The default configuration of SSH allows X forwarding, which could allow a remote malicious user to control a client's X sessions via a malicious xauth program.
Ssh Ssh 1.2.11
Ssh Ssh 1.2.12
Ssh Ssh 1.2.13
Ssh Ssh 1.2.14
Ssh Ssh 1.2.15
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.3
Ssh Ssh2 2.0.2
Ssh Ssh2 2.0.3
Ssh Ssh2 2.0.4
Ssh Ssh2 2.0.5
Ssh Ssh 1.2.2
Ssh Ssh 1.2.20
Ssh Ssh 1.2.21
Ssh Ssh 1.2.22
Ssh Ssh 1.2.7
Ssh Ssh 1.2.8
Ssh Ssh 1.2.9
Ssh Ssh2 2.0
Ssh Ssh 1.2.0
668
VMScore
CVE-2020-26301
ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method...
Ssh2 Project Ssh2
445
VMScore
CVE-2001-0364
SSH Communications Security sshd 2.4 for Windows allows remote malicious users to create a denial of service via a large number of simultaneous connections.
Ssh Ssh2 2.4
409
VMScore
CVE-1999-1159
SSH 2.0.11 and previous versions allows local users to request remote forwarding from privileged ports without being root.
Ssh Ssh2 2.0.11
NA
CVE-2023-41939
Jenkins SSH2 Easy Plugin 1.4 and previous versions does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to.
Jenkins Ssh2 Easy
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »