Lucene search
K

164 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-46890

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00549EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/08/14 9:26 a.m.5 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...

7.6CVSS7.5AI score0.02394EPSS
Exploits0References24
CheckPoint Security
CheckPoint Security
added 2025/08/12 12:0 a.m.20 views

Check Point Response to CVE-2025-3831 - Exposed SFTP server

Cause The agent used a shared SFTP key embedded in the software to upload diagnostic logs. The key was granted permission to read and list files on the server, rather than restricted to upload-only access. As a result, anyone possessing the key could access log files uploaded by other customers...

9.8CVSS7AI score0.00371EPSS
Exploits0
NVD
NVD
added 2025/07/25 6:15 p.m.4 views

CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS0.00777EPSS
Exploits0References8
OSV
OSV
added 2025/07/25 6:15 p.m.3 views

DEBIAN-CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS6.8AI score0.00777EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/25 5:19 p.m.3 views

CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS6.5AI score0.00777EPSS
Exploits0References9Affected Software6
CVE
CVE
added 2025/07/25 5:19 p.m.56 views

CVE-2025-5449

CVE-2025-5449 affects libssh’s SFTP server message decoding. The root cause is an integer overflow caused by an incorrect packet length check, enabling overflow when processing large payloads on 32-bit systems. This leads to a failed memory allocation and can crash the server process, causing a d...

6.5CVSS6.1AI score0.00777EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/25 5:19 p.m.2 views

CVE-2025-5449 Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS7.2AI score0.00777EPSS
Exploits0References8
OSV
OSV
added 2025/07/25 5:19 p.m.4 views

CVE-2025-5449 Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS6.7AI score0.00777EPSS
Exploits0References12
Cvelist
Cvelist
added 2025/07/25 5:19 p.m.12 views

CVE-2025-5449 Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS0.00777EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/07/25 5:19 p.m.6 views

CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS6.8AI score0.00777EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/07/25 5:19 p.m.8 views

CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS6.3AI score0.00777EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/07/10 4:3 p.m.2 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in privatekeyfromfile bsc1245310. CVE-2025-5318: Fixed likely read beyond bounds in sftp server handl...

7.6CVSS7.4AI score0.02394EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2025/07/04 4:2 p.m.3 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management bsc1245311. CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in...

7.6CVSS6.8AI score0.02394EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2025/07/04 5:34 a.m.3 views

CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS6.4AI score0.00777EPSS
Exploits0References9
OSV
OSV
added 2025/06/25 12:0 a.m.3 views

UBUNTU-CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS5.8AI score0.00777EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/06/24 11:24 p.m.2 views

SUSE CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS6.7AI score0.00777EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 1:43 a.m.8 views

CVE-2023-20115

A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. This vulnerability is d...

5.4CVSS6.7AI score0.00439EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:57 a.m.6 views

CVE-2022-43920

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could allow an authenticated user to gain privileges in a different group due to an access control vulnerability in the Sftp server adapter. IBM X-Force ID: 241362...

8.8CVSS6.5AI score0.00549EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:51 p.m.9 views

CVE-2022-22899

Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service DoS via a crafted packet through the SSH service...

5.5CVSS7.2AI score0.00863EPSS
Exploits1References1
Rows per page
Query Builder