Lucene search
K

29 matches found

OSV
OSV
added 2025/05/23 2:0 p.m.3 views

OESA-2025-1550 openssh security update

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...

4.3CVSS7.2AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2025/05/21 10:48 a.m.4 views

SUSE-SU-2025:01638-1 Security update for openssh

This update for openssh fixes the following issue: Security fixes: - CVE-2025-32728: Fixed logic error in DisableForwarding option bsc1241012 Other fixes: - Fix ssh client segfault with GSSAPIKeyExchange=yes in sshkex2 due to gssapi proposal not being correctly initialized bsc1236826. The problem...

4.3CVSS7.3AI score0.00172EPSS
Exploits0References5
CheckPoint Security
CheckPoint Security
added 2025/04/27 12:0 a.m.17 views

Check Point response to CVE-2025-32728 - The SSH directive "DisableForwarding" fails to disable "X11 Forwarding" and "Agent Forwarding"

Symptoms - A flaw was found in OpenSSH - in affected versions of SSHD, the directive "DisableForwarding" does not fully adhere to the intended functionality as documented. Specifically, it fails to disable X11 and Agent forwarding, which may allow unintended access under certain configurations...

4.3CVSS6.7AI score0.00172EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/22 7:0 a.m.5 views

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

...

4.3CVSS6.4AI score0.00172EPSS
Exploits0
OSV
OSV
added 2025/04/18 1:50 p.m.1 views

OESA-2025-1440 openssh security update

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...

6.8CVSS6.8AI score0.06997EPSS
Exploits4References3
OSV
OSV
added 2025/04/18 1:49 p.m.4 views

OESA-2025-1439 openssh security update

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...

6.8CVSS6.8AI score0.06997EPSS
Exploits4References3
SUSE CVE
SUSE CVE
added 2025/04/11 9:21 a.m.4 views

SUSE CVE-2025-32728

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...

4.3CVSS7AI score0.00172EPSS
Exploits0References8
Snyk
Snyk
added 2025/04/10 1:49 a.m.2 views

Expected Behavior Violation

Overview Affected versions of this package are vulnerable to Expected Behavior Violation due to the behavior of the DisableForwarding directive in sshd8, which fails to disable X11 forwarding and agent forwarding by default. An attacker can bypass intended security restrictions. Remediation A fix...

5.1CVSS6.9AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2023/05/30 4:7 p.m.6 views

CVE-2023-24826 Usage of Uninitialized Timer during forwarding of Fragments with SFR

RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send crafted frames to the device to trigger the usage of an uninitialized object leading to denial of service. This issu...

5.9CVSS6.8AI score0.00832EPSS
Exploits0References6
Rows per page
Query Builder