60 matches found
CVE-2022-44719
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...
The vulnerability of the SSH-server software used in Bosch BVMS video surveillance systems allows an intruder to gain unauthorized access to the network.
The vulnerability of the SSH-server software used in Bosch BVMS video surveillance systems is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to the network by using port redirection requests...
Bosch Video Management System Security Vulnerability
Bosch Video Management System is a video management system from Bosch, Germany. A security vulnerability exists in Bosch Video Management System, which stems from improper authorization of the SSH server, allowing an authenticated attacker to access resources on the internal network via port...
golang: crash in a golang.org/x/crypto/ssh server
A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability...
SUSE CVE-2019-3858
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises an SSH server may be able to cause a Denial of Service or read data in the client memory...
SUSE CVE-2019-3856
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises an SSH server may be able to execute code on the client system when a user connects to the server...
SUSE CVE-2019-3859
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the `_libssh2_packet_require` and `_libssh2_packet_requirev` functions. A remote attacker who compromises an SSH server may be able to cause a Denial of Service or read data in the client memory...
CVE-2022-28622
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the following software update to resolve the vulnerability in HPE StoreOnce Software 4.3.2...
Jenkins Kubernetes Continuous Deploy Plugin Cross-Site Request Forgery Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A cross-site request...
PT-2022-17138 · Jenkins · Jenkins Ftp Publisher Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins SCP publisher Plugin versions 1.8 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. The...
CVE-2021-34718
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file...
PT-2021-4048 · Cisco · Cisco Ios Xr
Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the SSH Server process could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This issue is due to...
CVE-2021-1572 ConfD CLI Secure Shell Server Privilege Escalation Vulnerability
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exist...
The vulnerability of the libssh2 library, related to integer overflows, allows an attacker to execute arbitrary code.
The vulnerability of the libssh2 library is related to integer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by connecting to an SSH server...
The vulnerability of the libssh2 library, related to errors in handling parameter length mismatches, allows attackers to trigger service failures or gain unauthorized access to protected information.
The vulnerability of the libssh2 library is related to errors in handling mismatches in parameter length. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures or gain unauthorized access to protected information by connecting to an SSH server...
Design/Logic Flaw
A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input-...
UBUNTU-CVE-2019-3855
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises an SSH server may be able to execute code on the client system when a user connects to the server...
ALPINE-CVE-2019-3855
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises an SSH server may be able to execute code on the client system when a user connects to the server...
ALPINE-CVE-2019-3859
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the `_libssh2_packet_require` and `_libssh2_packet_requirev` functions. A remote attacker who compromises an SSH server may be able to cause a Denial of Service or read data in the client memory...