Lucene search
K

261 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.48 views

EulerOS 2.0 SP9 : libssh (EulerOS-SA-2024-1177)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

5.9CVSS7.2AI score0.93305EPSS
Exploits4References4
Ubuntu
Ubuntu
added 2024/02/05 1:2 p.m.376 views

USN-6592-2: libssh vulnerabilities

USN-6592-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this...

5.3CVSS7AI score0.01421EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/01/23 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-6592-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.01421EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2024/01/22 1:5 p.m.314 views

USN-6592-1: libssh vulnerabilities

It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this issue to inject malicious code into the command of the features mentioned through the hostname parameter. CVE-2023-6004 It was discovered that libssh incorrectl...

5.3CVSS6.8AI score0.01421EPSS
Exploits0
OSV
OSV
added 2024/01/12 11:6 a.m.4 views

OESA-2024-1041 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

5.3CVSS7.4AI score0.01421EPSS
Exploits0References3
OSV
OSV
added 2024/01/12 11:6 a.m.5 views

OESA-2024-1042 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

5.3CVSS7.1AI score0.01421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.38 views

Fedora 38 : libssh (2023-55800423a8)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-55800423a8 advisory. Fix regression in IPv6 hosntames parsing ---- New upstream release fixing CVE-2023-48795, CVE-2023-6004, CVE-2023-6918 Tenable has extracted the...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References4
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.9 views

The vulnerability of the universal monitoring system Zabbix, related to weak encryption, allows attackers to gain access to confidential data.

The vulnerability of the Zabbix universal monitoring system relates to the hashing of passwords using the MD5 algorithm. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data...

7.8CVSS7.1AI score0.01211EPSS
Exploits0References8Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/12/21 12:0 a.m.39 views

Fedora 39 : libssh (2023-0733306be9)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0733306be9 advisory. New upstream release fixing CVE-2023-48795, CVE-2023-6004, CVE-2023-6918 Tenable has extracted the preceding description block directly from the...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References4
SUSE CVE
SUSE CVE
added 2023/12/20 2:9 a.m.3 views

SUSE CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS7AI score0.01421EPSS
Exploits0References44
Veracode
Veracode
added 2023/12/19 1:59 p.m.30 views

Denial Of Service (DoS)

libssh is vulnerable to Denial Of Service DoS. The vulnerability is due to a lack of proper validation and checking of return values in the abstract layer for message digest MD operations implemented by different supported crypto backends. This could lead to low-memory failures and potentially...

5.3CVSS7AI score0.01421EPSS
Exploits0References9Affected Software2
OSV
OSV
added 2023/12/19 12:15 a.m.7 views

AZL-34943 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.6AI score0.01421EPSS
Exploits0References1
OSV
OSV
added 2023/12/19 12:15 a.m.2 views

DEBIAN-CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.6AI score0.01421EPSS
Exploits0References1
OSV
OSV
added 2023/12/19 12:15 a.m.9 views

AZL-32199 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.5AI score0.01421EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/12/19 12:15 a.m.46 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.7AI score0.01421EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/12/19 12:0 a.m.49 views

Slackware Linux 14.2 / 15.0 / current libssh Multiple Vulnerabilities (SSA:2023-353-01)

The version of libssh installed on the remote host is prior to 0.10.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-353-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References4
Cvelist
Cvelist
added 2023/12/18 11:27 p.m.35 views

CVE-2023-6918 Libssh: missing checks for return values for digests

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

3.7CVSS6AI score0.01421EPSS
Exploits0References6
OSV
OSV
added 2023/12/18 11:27 p.m.24 views

CVE-2023-6918 Libssh: missing checks for return values for digests

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

3.7CVSS6.6AI score0.01421EPSS
Exploits0References12
CVE
CVE
added 2023/12/18 11:27 p.m.443 views

CVE-2023-6918

CVE-2023-6918 affects the libssh library where MD operation backends do not properly check return values, potentially causing low-memory failures, NULL dereferences, crashes, or using uninitialized memory as input to the KDF. This can lead to non-matching keys resulting in decryption/integrity fa...

5.3CVSS5.7AI score0.01421EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2023/12/18 11:27 p.m.42 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.2AI score0.01421EPSS
Exploits0
Rows per page
Query Builder