Lucene search
K

139 matches found

OSV
OSV
added 2019/02/26 3:43 p.m.15 views

SUSE-SU-2019:0496-1 Security update for openssh

This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816 -...

6.8CVSS6.7AI score0.58204EPSS
Exploits9References6
OSV
OSV
added 2019/01/21 8:35 a.m.13 views

SUSE-SU-2019:0132-1 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
OSV
OSV
added 2019/01/18 3:30 p.m.14 views

SUSE-SU-2019:13931-1 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
OSV
OSV
added 2019/01/18 1:19 p.m.13 views

SUSE-SU-2019:0126-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
OSV
OSV
added 2019/01/18 1:19 p.m.13 views

SUSE-SU-2019:0125-1 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
OSV
OSV
added 2018/11/26 4:47 p.m.11 views

SUSE-SU-2018:3910-1 Security update for openssh

This update for openssh fixes the following issues: Following security issues have been fixed: - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully...

5.9CVSS6AI score0.98631EPSS
Exploits23References5
OSV
OSV
added 2018/11/16 3:2 p.m.17 views

SUSE-SU-2018:3776-1 Security update for openssh

This update for openssh fixes the following issues: Following security issues have been fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not...

5.9CVSS6AI score0.98631EPSS
Exploits23References7
OSV
OSV
added 2018/11/08 4:56 p.m.11 views

SUSE-SU-2018:3686-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration ...

5.9CVSS5.7AI score0.98631EPSS
Exploits23References7
OSV
OSV
added 2018/10/29 5:47 a.m.10 views

SUSE-SU-2018:3540-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such ...

7.8CVSS5.7AI score0.98631EPSS
Exploits25References12
OSV
OSV
added 2018/10/18 12:49 p.m.5 views

SUSE-SU-2018:2530-2 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2016-10708: Prevent DoS due to crashes caused by out-of-sequence NEWKEYS message bsc1076957...

7.5CVSS7.5AI score0.15716EPSS
Exploits1References3
OSV
OSV
added 2018/08/31 9:11 p.m.12 views

MGASA-2018-0363 Updated openssh packages fix security vulnerability

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c CVE-2018-15473...

5.9CVSS5.5AI score0.98631EPSS
Exploits23References4
OSV
OSV
added 2018/08/09 1:56 p.m.7 views

SUSE-SU-2018:2275-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2016-10012: Fix pre-auth compression checks that could be optimized away bsc1016370. - CVE-2016-10708: Fix remote denial of service NULL pointer dereference and daemon crash via an out-of-sequence NEWKEYSmessage...

7.8CVSS6.4AI score0.15716EPSS
Exploits3References12
OSV
OSV
added 2017/03/06 10:26 a.m.19 views

SUSE-SU-2017:0607-2 Security update for openssh

This update for openssh fixes the following issues: - CVE-2016-8858: prevent resource depletion during key exchange bsc1005480 - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation bsc1016366 - CVE-2016-10011: Prevent possible leaks of host private keys to...

7.8CVSS7.9AI score0.37431EPSS
Exploits5References9
OSV
OSV
added 2017/03/06 10:26 a.m.20 views

SUSE-SU-2017:0607-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2016-8858: prevent resource depletion during key exchange bsc1005480 - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation bsc1016366 - CVE-2016-10011: Prevent possible leaks of host private keys to...

7.8CVSS7.9AI score0.37431EPSS
Exploits5References9
OSV
OSV
added 2017/03/06 10:26 a.m.21 views

SUSE-SU-2017:0607-3 Security update for openssh

This update for openssh fixes the following issues: - CVE-2016-8858: prevent resource depletion during key exchange bsc1005480 - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation bsc1016366 - CVE-2016-10011: Prevent possible leaks of host private keys to...

7.8CVSS7.9AI score0.37431EPSS
Exploits5References9
OSV
OSV
added 2017/03/06 7:28 a.m.22 views

SUSE-SU-2017:0606-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2016-8858: prevent resource depletion during key exchange bsc1005480 - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation bsc1016366 - CVE-2016-10011: Prevent possible leaks of...

7.8CVSS8AI score0.37431EPSS
Exploits5References8
OSV
OSV
added 2017/03/03 4:46 p.m.21 views

SUSE-SU-2017:0603-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2016-8858: prevent resource depletion during key exchange bsc1005480 - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation bsc1016366 - CVE-2016-10011: Prevent possible leaks of...

7.8CVSS8.1AI score0.37431EPSS
Exploits5References9
OSV
OSV
added 2017/01/23 12:26 p.m.20 views

SUSE-SU-2017:0264-1 Security update for openssh

This update for openssh fixes several issues. These security issues were fixed: - CVE-2016-8858: The kexinputkexinit function in kex.c allowed remote attackers to cause a denial of service memory consumption by sending many duplicate KEXINIT requests bsc1005480. - CVE-2016-10012: The shared memor...

7.8CVSS8.8AI score0.37431EPSS
Exploits8References13
OSV
OSV
added 2016/12/09 11:59 a.m.11 views

CVE-2016-8858

The kexinputkexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service memory consumption by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."...

7.5CVSS7.2AI score
Exploits0References13
OSV
OSV
added 2016/09/26 3:11 p.m.22 views

SUSE-SU-2016:2388-1 Security update for openssh

This update for OpenSSH fixes the following issues: - Prevent user enumeration through the timing of password processing. bsc989363, CVE-2016-6210 - Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used. bsc948902 - Sanitize input for xauth1. bsc970632...

9.8CVSS6.7AI score0.88944EPSS
Exploits30References16
Rows per page
Query Builder