Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

EulerOS 2.0 SP15 : openssh (EulerOS-SA-2026-2455)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.CVE-2026-35388 OpenSSH before 10.3 mishandles...

8.2CVSS7.4AI score0.0218EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : openssh (EulerOS-SA-2026-2496)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.CVE-2026-35388 OpenSSH before 10.3 mishandles...

8.2CVSS7.4AI score0.0218EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 3:22 p.m.3 views

SUSE-SU-2026:22352-1 Security update for openssh

This update for openssh fixes the following issues Security fixes: - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions bsc1261441. - openssh...

8.2CVSS7.1AI score0.0218EPSS
Exploits0References6
OSV
OSV
added 2026/06/24 3:22 p.m.3 views

OPENSUSE-SU-2026:21044-1 Security update for openssh

This update for openssh fixes the following issues Security fixes: - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions bsc1261441. - openssh...

8.2CVSS7.1AI score0.0218EPSS
Exploits0References5
OSV
OSV
added 2026/06/17 10:51 a.m.5 views

SUSE-SU-2026:2430-1 Security update for openssh8.4

This update for openssh8.4 fixes the following issues - CVE-2026-3497: Information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35388: omitted connection multiplexing...

8.2CVSS7.1AI score0.0218EPSS
Exploits0References10
OSV
OSV
added 2026/06/11 4:6 p.m.12 views

SUSE-SU-2026:2375-1 Security update for openssh

This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35388: omitted connection multiplexing...

8.2CVSS5.3AI score0.0218EPSS
Exploits0References10
OSV
OSV
added 2026/06/11 2:1 p.m.6 views

SUSE-SU-2026:2371-1 Security update for openssh

This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35388: omitted connection multiplexing...

8.2CVSS5.8AI score0.0218EPSS
Exploits0References10
OSV
OSV
added 2026/06/10 5:11 p.m.11 views

MGASA-2026-0193 Updated openssh packages fix security vulnerabilities

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode. CVE-2026-35385 In OpenSSH before 10.3, command execution can occur vi...

8.1CVSS6AI score0.00419EPSS
Exploits0References5
Mageia
Mageia
added 2026/06/10 5:11 p.m.8 views

Updated openssh packages fix security vulnerabilities

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode. CVE-2026-35385 In OpenSSH before 10.3, command execution can occur vi...

8.1CVSS6AI score0.00419EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.21 views

RHEL 8 : openssh (RHSA-2026:22329)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22329 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...

8.1CVSS6.2AI score0.19753EPSS
Exploits8References14
RedHat Linux
RedHat Linux
added 2026/06/03 5:6 a.m.15 views

Important: Red Hat Security Advisory: openssh update

An update for openssh is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/28 9:5 p.m.22 views

Security Bulletin: Multiple vulnerabilities in OpenSSH affect AIX

Summary There are multiple vulnerabilities in OpenSSH used by AIX CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414. OpenSSH is used by AIX for remote login. Vulnerability Details CVEID:CVE-2026-35385 DESCRIPTION: In OpenSSH before 10.3, a file downloaded by scp may b...

8.1CVSS5.8AI score0.00419EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.53 views

RHEL 8 : openssh (RHSA-2026:21398)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21398 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.57 views

RockyLinux 9 : openssh (RLSA-2026:19219)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19219 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.40 views

Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2026-1745)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1745 advisory. Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the...

8.2CVSS5.9AI score0.0218EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.11 views

RockyLinux 9 : openssh (RLSA-2026:13381)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13381 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References11
OSV
OSV
added 2026/05/04 12:0 a.m.11 views

ALSA-2026:13380 Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

8.1CVSS5.9AI score0.00419EPSS
Exploits0References12
OSV
OSV
added 2026/05/04 12:0 a.m.8 views

ALSA-2026:13383 Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.11 views

AlmaLinux 8 : openssh (ALSA-2026:13383)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13383 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References7
OSV
OSV
added 2026/04/29 12:10 p.m.6 views

USN-8222-1 openssh vulnerabilities

Christos Papakonstantinou discovered that the OpenSSH scp tool incorrectly handled the legacy scp protocol -O option. This could result in certain files being installed setuid or setgid, contrary to expectations. CVE-2026-35385 Florian Kohnhäuser discovered that OpenSSH incorrectly handled shell...

8.1CVSS5.9AI score0.00419EPSS
Exploits0References6
Rows per page
Query Builder