Lucene search
K

47 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.8 views

MiracleLinux 7 : openssh-7.4p1-11.el7 (AXSA:2017-1912:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1912:03 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide...

7.8CVSS7.5AI score0.37431EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.22 views

ABB M2M Gateway Arbitrary Code Execution in embedded OpenSSH (CVE-2016-10009)

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.5AI score0.37431EPSS
Exploits4References43
Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.20 views

Siemens SCALANCE X-200RNA Switch Devices Untrusted Search Path (CVE-2016-10009)

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.5AI score0.37431EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.23 views

Linux Distros Unpatched Vulnerability : CVE-2016-10009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by...

7.5CVSS7.3AI score0.37431EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.211 views

RHEL 6 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent CVE-2016-10009 - openssh: scp allows command...

8.4AI score0.58568EPSS
Exploits38References15
Prion
Prion
added 2023/07/20 3:15 a.m.1194 views

Remote code execution

The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOTE: this issue exists because o...

7.5CVSS9.1AI score0.76768EPSS
Exploits13References19Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/14 2:32 p.m.51 views

Security Bulletin: Vulnerabilities in OpenSSH affect IBM BladeCenter Advanced Management Module (AMM)

Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in OpenSSH. Vulnerability Details Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in HTTPD. Vulnerability Details CVEID: CVE-2016-10011 Description...

7.8CVSS8.4AI score0.88944EPSS
Exploits22
F5 Networks
F5 Networks
added 2023/02/21 6:33 p.m.138 views

K31440025: OpenSSH vulnerability CVE-2016-10009

Security Advisory Description Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. CVE-2016-10009 Impact Running the ssh-agent program requires a...

7.5CVSS7.8AI score0.37431EPSS
Exploits4Affected Software23
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.5 views

SUSE CVE-2016-10009

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...

7.3CVSS8AI score0.37431EPSS
Exploits4References17
OSV
OSV
added 2022/07/04 7:13 p.m.5 views

CLSA-2022-1656962023 Fixed CVE-2016-10009 in openssh-5.3p1

CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs11...

7.5CVSS7.1AI score0.37431EPSS
Exploits4References1
CloudLinux
CloudLinux
added 2022/07/04 7:13 p.m.117 views

Fixed CVE-2016-10009 in openssh-5.3p1

CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs11...

7.5CVSS2.1AI score0.37431EPSS
Exploits4References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:45 a.m.74 views

Security Bulletin: Vulnerabilities in OpenSSH affects Power Hardware Management Console

Summary OpenSSH is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6515 DESCRIPTION: OpenSSH is vulnerable to a denial of service, caused by the failure to limit password lengths for password authentication by the...

7.8CVSS0.6AI score0.88944EPSS
Exploits23Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.43 views

SUSE: Security Advisory (SUSE-SU-2017:1661-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.37431EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.34 views

SUSE: Security Advisory (SUSE-SU-2017:0603-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.37431EPSS
Exploits5References8
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 10:18 p.m.176 views

Security Bulletin: Vulnerabilities in SSH affect IBM DataPower Gateways (CVE-2016-10009, CVE-2016-10012)

Summary SSH vulnerabilities were disclosed by the OpenSSH Project. IBM DataPower Gateways has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-10009 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the loading ...

7.8CVSS2AI score0.37431EPSS
Exploits5Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2017:0607-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.37431EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.39 views

SUSE: Security Advisory (SUSE-SU-2017:0264-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.37431EPSS
Exploits8References10
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.45 views

SUSE: Security Advisory (SUSE-SU-2017:0607-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.37431EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2017:0607-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.37431EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.42 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1055)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.37431EPSS
Exploits5References2
Rows per page
Query Builder