Lucene search
K

55 matches found

OSV
OSV
added 2026/06/23 6:0 a.m.3 views

SUSE-SU-2026:2515-1 Security update for openssh, openssh-askpass-gnome

This update for openssh, openssh-askpass-gnome fixes the following issues - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430...

8.1CVSS6AI score0.00419EPSS
Exploits0References6
OSV
OSV
added 2026/06/04 8:27 a.m.3 views

SUSE-SU-2026:22067-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2026-35388: Added missing askpass check for proxy-mode multiplexing sessions bsc1261441 - CVE-2026-3497: Fixed a possible information disclosure or denial of service due to uninitialized variables in gssapi patches bsc1259642 - Add patch t...

8.2CVSS5.4AI score0.0218EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.24 views

SUSE SLES12 Security Update : openssh (SUSE-SU-2026:2025-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2025-1 advisory. This update for openssh fixes the following issues Tenable has extracted the preceding description block directly from the SUSE security...

8.1CVSS5.9AI score0.00419EPSS
Exploits0References7
OSV
OSV
added 2026/04/17 5:24 p.m.5 views

CLSA-2026-1776444688 openssh: Fix of 3 CVEs

CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...

8.1CVSS6AI score0.00237EPSS
Exploits0References1
OSV
OSV
added 2026/04/17 12:21 p.m.7 views

CLSA-2026-1776428482 openssh: Fix of 3 CVEs

CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...

8.1CVSS5.8AI score0.00237EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2026/04/07 12:0 a.m.11 views

rsync security update

3.4.1-2.2 - Resolves: RHEL-152885 - CVE-2025-10158 Out of bounds array access via negative index 3.4.1-2.1 - Resolves: RHEL-152878 - clearing DISPLAY breaks SSHASKPASS expectations...

4.3CVSS5.9AI score0.00283EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/04/01 12:0 a.m.6 views

rsync security update

3.2.5-3.2 - Resolves: RHEL-152888 - CVE-2025-10158 Out of bounds array access via negative index 3.2.5-3.1 - Resolves: RHEL-152879 - clearing DISPLAY breaks SSHASKPASS expectations...

4.3CVSS5.8AI score0.00283EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/11/15 12:0 a.m.28 views

Debian: Security Advisory (DLA-3187-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01348EPSS
Exploits0References4
OSV
OSV
added 2022/10/12 9:15 p.m.2 views

DEBIAN-CVE-2021-36369

An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...

7.5CVSS8.2AI score0.01348EPSS
Exploits0References1
Prion
Prion
added 2022/10/12 9:15 p.m.32 views

Authentication flaw

An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...

5CVSS7.5AI score0.01348EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2022/10/12 12:0 a.m.33 views

CVE-2021-36369

An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...

7.8AI score0.01348EPSS
Exploits0References4
CVE
CVE
added 2022/10/12 12:0 a.m.455 views

CVE-2021-36369

CVE-2021-36369 affects Dropbear up to version 2020.81. The issue stems from a non-RFC-compliant check of available authentication methods in the client-side SSH code, allowing an SSH server to influence the login process, bypassing security measures such as FIDO2 tokens or SSH-Askpass, and enabli...

7.5CVSS7.4AI score0.01348EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/09/27 12:0 a.m.78 views

SUSE SLES11 Security Update : openssh (SUSE-SU-2016:2388-1)

This update for OpenSSH fixes the following issues : - Prevent user enumeration through the timing of password processing. bsc989363, CVE-2016-6210 - Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used. bsc948902 - Sanitize input for xauth1. bsc97063...

9.8CVSS6.8AI score0.88944EPSS
Exploits30References21
OSV
OSV
added 2016/09/26 3:11 p.m.21 views

SUSE-SU-2016:2388-1 Security update for openssh

This update for OpenSSH fixes the following issues: - Prevent user enumeration through the timing of password processing. bsc989363, CVE-2016-6210 - Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used. bsc948902 - Sanitize input for xauth1. bsc970632...

9.8CVSS6.7AI score0.88944EPSS
Exploits30References16
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the ssh-askpass-gnome package for the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS6.8AI score0.44963EPSS
Exploits7References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the ssh-askpass-ptk package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information...

7.2CVSS7.4AI score0.00871EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the openssh-askpass-3.1p1 package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS6.8AI score0.44963EPSS
Exploits10References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the openssh-askpass package of the OpenSUSE operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS6.8AI score0.44963EPSS
Exploits9References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the openssh-askpass-3.6.1p2 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...

7.5CVSS6.4AI score0.02681EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.10 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the openssh-askpass-gnome-3.6.1p2 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

7.5CVSS6.4AI score0.02681EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder