Lucene search
K

34 matches found

OSV
OSV
added 2026/05/16 3:41 p.m.9 views

CLSA-2026-1778788223 libssh2: Fix of 2 CVEs

CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...

9.1CVSS7AI score0.05118EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-3861)

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. This plugin on...

9.1CVSS6.9AI score0.05118EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2019-3861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. ...

9.1CVSS7.2AI score0.05118EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.28 views

Ubuntu 16.04 ESM : libssh2 vulnerabilities (USN-5308-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5308-1 advisory. It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote,...

9.3CVSS8.2AI score0.11659EPSS
Exploits2References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.3 views

SUSE CVE-2019-3861

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

3.5CVSS6.9AI score0.05118EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-5308-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.2AI score0.11659EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2019:13982-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8AI score0.09219EPSS
Exploits0References11
Oracle linux
Oracle linux
added 2020/10/06 12:0 a.m.72 views

libssh2 security update

1.8.0-4 - fix integer overflow in SSHMSGDISCONNECT logic CVE-2019-17498 1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially...

9.3CVSS2.2AI score0.09219EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/28 3:9 p.m.39 views

Security Bulletin: Multiple security vulnerabilities were fixed in IBM Security Access Manager Appliance (CVE-2019-3861, CVE-019-3858)

Summary Multiple vulnerabilities were fixed in the libssh2 component used by the IBM Security Access Manager Appliance. Vulnerability Details CVEID: CVE-2019-3861 DESCRIPTION: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value...

9.1CVSS2AI score0.06448EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.42 views

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.3AI score0.09219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.35 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0252)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libssh2 packages installed that are affected by multiple vulnerabilities: - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attack...

9.1CVSS7.3AI score0.06448EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.34 views

Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: libssh2 1.8.0. Security Fixes : - libssh2: Zero-byte allocation with a specially crafted SFTP packed leading to an out-of-bounds read CVE-2019-3858 - libssh2: Out-of-bounds reads with specially crafted SSH packets CVE-2019-386...

9.1CVSS7.3AI score0.06448EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2019/08/13 12:0 a.m.97 views

libssh2 security, bug fix, and enhancement update

1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862 - fix out-of-bounds reads wit...

9.3CVSS2.1AI score0.09219EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.184 views

RHEL 7 : libssh2 (RHSA-2019:2136)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2136 advisory. The libssh2 packages provide a library that implements the SSH2 protocol. The following packages have been upgraded to a later upstream...

9.1CVSS7.6AI score0.06448EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/15 10:35 p.m.85 views

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z

Summary AT&T has released versions 1801-z for the Vyatta 5600. Details of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patchesat-t-vyatta-5600-vrouter-software-patches Vulnerabili...

9.3CVSS1.3AI score0.09393EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/10 12:0 a.m.35 views

EulerOS Virtualization 2.5.3 : libssh2 (EulerOS-SA-2019-1360)

According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote...

9.1CVSS7.3AI score0.08114EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.241 views

Fedora 30 : libssh2 (2019-70a9d4f970)

This update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...

9.3CVSS7.4AI score0.09219EPSS
Exploits0References10
ALT Linux
ALT Linux
added 2019/04/24 12:0 a.m.57 views

Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt3.M80P.1

1.4.3-alt3.M80P.1 built April 24, 2019 Aleksei Nikiforov in task 227571 April 19, 2019 Aleksei Nikiforov - Fixes: + CVE-2016-0787 Truncated Diffie-Hellman secret length + CVE-2019-3855 Possible integer overflow in transport read allows out-of-bounds write + CVE-2019-3856 Possible integer overflow...

9.3CVSS8.4AI score0.09219EPSS
Exploits0
Debian
Debian
added 2019/04/13 1:11 p.m.55 views

[SECURITY] [DSA 4431-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4431-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2019 https://www.debian.org/security/faq -...

9.3CVSS3AI score0.09219EPSS
Exploits0
Debian
Debian
added 2019/04/13 1:11 p.m.260 views

[SECURITY] [DSA 4431-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4431-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2019 https://www.debian.org/security/faq -...

9.3CVSS9.3AI score0.09219EPSS
Exploits0
Rows per page
Query Builder