55 matches found
SUSE-SU-2026:2515-1 Security update for openssh, openssh-askpass-gnome
This update for openssh, openssh-askpass-gnome fixes the following issues - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430...
SUSE-SU-2026:22067-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2026-35388: Added missing askpass check for proxy-mode multiplexing sessions bsc1261441 - CVE-2026-3497: Fixed a possible information disclosure or denial of service due to uninitialized variables in gssapi patches bsc1259642 - Add patch t...
SUSE SLES12 Security Update : openssh (SUSE-SU-2026:2025-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2025-1 advisory. This update for openssh fixes the following issues Tenable has extracted the preceding description block directly from the SUSE security...
CLSA-2026-1776444688 openssh: Fix of 3 CVEs
CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...
CLSA-2026-1776428482 openssh: Fix of 3 CVEs
CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...
rsync security update
3.4.1-2.2 - Resolves: RHEL-152885 - CVE-2025-10158 Out of bounds array access via negative index 3.4.1-2.1 - Resolves: RHEL-152878 - clearing DISPLAY breaks SSHASKPASS expectations...
rsync security update
3.2.5-3.2 - Resolves: RHEL-152888 - CVE-2025-10158 Out of bounds array access via negative index 3.2.5-3.1 - Resolves: RHEL-152879 - clearing DISPLAY breaks SSHASKPASS expectations...
Debian: Security Advisory (DLA-3187-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2021-36369
An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...
Authentication flaw
An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...
CVE-2021-36369
An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...
CVE-2021-36369
CVE-2021-36369 affects Dropbear up to version 2020.81. The issue stems from a non-RFC-compliant check of available authentication methods in the client-side SSH code, allowing an SSH server to influence the login process, bypassing security measures such as FIDO2 tokens or SSH-Askpass, and enabli...
SUSE SLES11 Security Update : openssh (SUSE-SU-2016:2388-1)
This update for OpenSSH fixes the following issues : - Prevent user enumeration through the timing of password processing. bsc989363, CVE-2016-6210 - Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used. bsc948902 - Sanitize input for xauth1. bsc97063...
SUSE-SU-2016:2388-1 Security update for openssh
This update for OpenSSH fixes the following issues: - Prevent user enumeration through the timing of password processing. bsc989363, CVE-2016-6210 - Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used. bsc948902 - Sanitize input for xauth1. bsc970632...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities of the ssh-askpass-gnome package for the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the ssh-askpass-ptk package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the openssh-askpass-3.1p1 package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the openssh-askpass package of the OpenSUSE operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the openssh-askpass-3.6.1p2 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the openssh-askpass-gnome-3.6.1p2 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...