AZL-64346 CVE-2025-5318 affecting package libssh for versions less than 0.10.6-2
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
DEBIAN-CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
AZL-64358 CVE-2025-5318 affecting package libssh for versions less than 0.10.6-2
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
UBUNTU-CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318
A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This...
CVE-2025-5318 Libssh: out-of-bounds read in sftp_handle()
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318 Libssh: out-of-bounds read in sftp_handle()
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318
CVE-2025-5318: A flaw in libssh before 0.11.2 allows an authenticated remote attacker to trigger an out-of-bounds read in sftp_handle() due to an incorrect comparison, potentially reading memory beyond the valid handle list and returning an invalid pointer. Documented impacts include confidentia...
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2025-5318
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
libssh buffer error vulnerability
libssh is a C development package from the libssh organization for accessing SSH services, which is capable of executing remote commands, file transfers, as well as providing a secure transport channel for remote programs. A buffer error vulnerability exists in libssh that stems from an...
Use of a Broken or Risky Cryptographic Algorithm
Overview: Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the ssh_kdf function when built with OpenSSL versions older than 3.0. An attacker can compromise the confidentiality, integrity, and availability of SSH sessions by triggering...
Out-of-bounds Write
Overview: Affected versions of this package are vulnerable to Out-of-bounds Write in the bin_to_base64 function in base64.c. An attacker can cause memory corruption by supplying very large input to ssh_get_fingerprint_hash. Note: This is only exploitable on 32-bit systems. Remediation: Upgrade libssh to...
PT-2025-26738
Name of the Vulnerable Software and Affected Versions: libssh affected versions not specified Description: A flaw in the libssh library can trigger an out-of-bounds read in the sftp handle function due to an incorrect comparison check. This allows the function to access memory beyond the valid...
Double Free
Overview: Affected versions of this package are vulnerable to Double Free via the pki_key_to_blob function when built with OpenSSL versions older than 3.0. The issue can lead to heap corruption or application instability during error handling in low-memory environments. Workaround: This vulnerability...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the sftp_handle function due to an incorrect comparison check that allows access to memory beyond the valid handle list, resulting in the return of an invalid pointer used in further processing. An attacker can acce...
Integer Overflow or Wraparound
Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to an incorrect validity check in the sftp_decode_channel_data_to_packet function. An attacker can cause the server to crash by sending specially crafted SFTP packets with payload size field set to value...
TencentOS Server 3: libssh (TSSA-2022:0209)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0209 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 3: libssh (TSSA-2024:0219)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0219 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...