Lucene search
K

57 matches found

OSV
OSV
added 2026/03/26 12:32 p.m.5 views

CLSA-2026-1774528369 openssh: Fix of 3 CVEs

CVE-2018-20685: fix a vulnerability scp client where a malicious server could bypass intended access restrictions and modify target directory permissions via crafted filenames - CVE-2019-6109: fix scp client where a malicious server could manipulate the client's progress display output due to...

6.8CVSS7AI score0.58204EPSS
Exploits9References1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.11 views

MiracleLinux 7 : openssh-7.4p1-23.0.3.0.3.el7.AXS7 (AXSA:2025-10789:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10789:04 advisory. CVE-2018-20685: fix a vulnerability scp client where a malicious server could bypass intended access restrictions and modify target directory...

6.8CVSS7.4AI score0.58204EPSS
Exploits9References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-23797

Malware in sbrugna...

8.1CVSS8.7AI score0.01554EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.20 views

Linux Distros Unpatched Vulnerability : CVE-2018-20685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact ...

5.3CVSS6.9AI score0.03681EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.26 views

Photon OS 3.0: Openssh PHSA-2019-3.0-0003

An update of the openssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0003. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

5.3CVSS7.7AI score0.03681EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.210 views

RHEL 6 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent CVE-2016-10009 - openssh: scp allows command...

8.4AI score0.58568EPSS
Exploits38References15
Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.37 views

Siemens SCALANCE X-200RNA Switch Devices Incorrect Authorization (CVE-2018-20685)

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. - In OpenSSH 7.9, scp.c in the scp client allows remote SSH...

5.3CVSS7AI score0.03681EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2022/09/22 12:0 a.m.44 views

F5 Networks BIG-IP : OpenSSH vulnerability (K11315080)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K11315080 advisory. In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via...

5.3CVSS7AI score0.03681EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/04/04 12:0 a.m.5268 views

OpenSSH < 8.0

According to its banner, the version of OpenSSH running on the remote host is prior to 8.0. It is, therefore, affected by the following vulnerabilities: - A permission bypass vulnerability due to improper directory name validation. An unauthenticated, remote attacker can exploit this, with a...

6.8CVSS7.3AI score0.58204EPSS
Exploits10References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2019-0067)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.5AI score0.03681EPSS
Exploits0References4
Mageia
Mageia
added 2021/11/25 1:6 p.m.66 views

Updated rsh packages fix security vulnerability

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. CVE-2019-7282 An issu...

7.4CVSS3AI score0.02067EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/11/22 12:0 a.m.38 views

OpenBSD OpenSSH <= 7.9 Multiple Vulnerabilities

OpenBSD OpenSSH is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.8CVSS6.6AI score0.58204EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.43 views

SUSE: Security Advisory (SUSE-SU-2019:13931-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.3AI score0.58204EPSS
Exploits10References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.43 views

SUSE: Security Advisory (SUSE-SU-2019:0132-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.3AI score0.58204EPSS
Exploits10References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2019:0125-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.3AI score0.58204EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2021/03/25 12:0 a.m.64 views

Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.0.21 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 Multiple Vulnerabilities

The version of Palo Alto Networks PAN-OS running on the remote host is 7.1.x prior to 7.1.26 or 8.0.x prior to 8.0.21 or 8.1.x prior to 8.1.13 or 9.0.x prior to 9.0.7. It is, therefore, affected by multiple vulnerabilities. - OpenSSH software included with PAN-OS has been upgraded to resolve...

6.8CVSS6.9AI score0.58204EPSS
Exploits9References7
NVD
NVD
added 2021/02/25 9:15 a.m.34 views

CVE-2020-36254

scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685...

8.1CVSS0.01554EPSS
Exploits0References1
OSV
OSV
added 2021/02/25 9:15 a.m.5 views

ALPINE-CVE-2020-36254

scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685...

8.1CVSS7AI score0.01554EPSS
Exploits0References1
Prion
Prion
added 2021/02/25 9:15 a.m.44 views

Sql injection

scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685...

6.8CVSS6AI score0.03681EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/02/25 8:29 a.m.379 views

CVE-2020-36254

CVE-2020-36254 : In Dropbear, the SCP client (scp.c) before version 2020.79 mishandles the filename of “.” or an empty filename, related to CVE-2018-20685. Affected: Dropbear releases prior to 2020.79. Impact and exploit details are not provided beyond the filename handling issue in scp. Remediat...

8.1CVSS6.3AI score0.01554EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder