1842 matches found

ALT Linux
added 2017/08/08 12:0 a.m., 22 views

Security fix for the ALT Linux 8 package libssh version 0.7.5-alt1

Aug. 8, 2017 Sergey V Turchin 0.7.5-alt1 - new version - security fix: CVE-2016-0739...

CVSS 4.3, AI score 6, EPSS 0.03777
Exploits: 0

Kitploit
added 2016/10/24 2:0 p.m., 76 views

ssh-audit - SSH Server Auditing

ssh-audit is a tool for ssh server auditing. Features SSH1 and SSH2 protocol server support; grab banner, recognize device or software and operating system, detect compression; gather key-exchange, host-key, encryption and message authentication code algorithms; output algorithm information...

AI score 7.7
Exploits: 0, References: 1

Tenable Nessus
added 2016/09/28 12:0 a.m., 45 views

F5 Networks BIG-IP : libssh vulnerability (K57255643)

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a 'bits/bytes...

CVSS 5.9, AI score 6.3, EPSS 0.03777
Exploits: 0, References: 2

F5 Networks
added 2016/09/27 12:0 a.m., 39 views

SOL57255643 - libssh vulnerability CVE-2016-0739

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVSS 5.9, AI score 2.8, EPSS 0.03777
Exploits: 0, References: 7

Tenable Nessus
added 2016/07/26 12:0 a.m., 42 views

Tenable SecurityCenter < 5.4.0 Multiple Vulnerabilities (TNS-2016-12)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.4.0. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the bundled version of libcurl due to using an insecure pat...

CVSS 7.8, AI score 7.5, EPSS 0.03777
Exploits: 0, References: 7

BDU FSTEC
added 2016/07/07 12:0 a.m., 1 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the Debian GNU/Linux operating system’s libssh package can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

CVSS 7.5, EPSS 0.06733
Exploits: 0, References: 9, Affected Software: 1

Tenable Nessus
added 2016/06/27 12:0 a.m., 57 views

GLSA-201606-12 : libssh and libssh2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201606-12 (libssh and libssh2: Multiple vulnerabilities). libssh and libssh2 both have a bits/bytes confusion bug and generate an abnormally short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange...

CVSS 5.9, AI score 6.5, EPSS 0.03777
Exploits: 0, References: 4

Hacker One
added 2016/06/14 4:51 p.m., 69 views

Sucuri: SSRF in sitecheck.sucuri.net

Hi, Sucuri Security Team. I found an SSRF in https://sitecheck.sucuri.net/ Although there was already a protection to prevent SSRF, it can be bypassed by 302 redirection! ssrf.php https://sitecheck.sucuri.net/results/orange.tw/ssrf.php And your port will receive "HELLO WORLD" orange@z:$ nc -v...

AI score 6.7
Exploits: 0

OSV
added 2016/04/13 5:59 p.m., 7 views

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

CVSS 5.9, AI score 5.5, EPSS 0.03777
Exploits: 0, References: 10

OSV
added 2016/04/13 5:59 p.m., 0 views

DEBIAN-CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

CVSS 5.9, AI score 5.5, EPSS 0.03777
Exploits: 0, References: 1

NVD
added 2016/04/13 5:59 p.m., 12 views

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

CVSS 5.9, AI score 5.8, EPSS 0.03777
Exploits: 0, References: 10

OSV
added 2016/04/13 5:59 p.m., 8 views

CVE-2015-3146

The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet...

CVSS 7.5, AI score 7.2, EPSS 0.02405
Exploits: 0, References: 7

OSV
added 2016/04/13 5:59 p.m., 1 views

DEBIAN-CVE-2015-3146

The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet...

CVSS 7.5, AI score 6.7, EPSS 0.02405
Exploits: 0, References: 1

Prion
added 2016/04/13 5:59 p.m., 22 views

Type confusion

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

CVSS 4.3, AI score 6.8, EPSS 0.03777
Exploits: 0, References: 10, Affected Software: 5

CVE
added 2016/04/13 5:0 p.m., 79 views

CVE-2015-3146

The CVE-2015-3146 issue affects libssh up to version 0.6.4 (pre-0.6.5). The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY handlers in package_cb.c do not properly validate state, enabling a crafted SSH packet to trigger a NULL pointer dereference and cause a denial of service (crash). Affected ...

CVSS 7.5, AI score 7, EPSS 0.02405
Exploits: 0, References: 7, Affected Software: 1

CVE
added 2016/04/13 5:0 p.m., 116 views

CVE-2016-0739

The CVE-2016-0739 issue affects libssh up to and including version 0.7.2 (pre-0.7.3). It truncates ephemeral secrets used in diffie-hellman-group1 and diffie-hellman-group14 key exchanges to 128 bits, enabling man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vector...

CVSS 5.9, AI score 5.6, EPSS 0.03777
Exploits: 0, References: 10, Affected Software: 1

Cvelist
added 2016/04/13 5:0 p.m., 29 views

CVE-2015-3146

The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet...

AI score 7.1, EPSS 0.02405
Exploits: 0, References: 7

Cvelist
added 2016/04/13 5:0 p.m., 31 views

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

AI score 5.8, EPSS 0.03777
Exploits: 0, References: 10

Debian CVE
added 2016/04/13 5:0 p.m., 22 views

CVE-2015-3146

The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet...

CVSS 7.5, AI score 6.1, EPSS 0.02405
Exploits: 0

Debian CVE
added 2016/04/13 5:0 p.m., 27 views

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

CVSS 5.9, AI score 5.8, EPSS 0.03777
Exploits: 0