661 matches found

Tenable Nessus
added 2024/02/05 12:0 a.m. (39 views)

Ubuntu 16.04 ESM / 18.04 ESM : libssh vulnerabilities (USN-6592-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6592-2 advisory. USN-6592-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tenable...

CVSS 5.3, AI score 6.4, EPSS 0.01421
Exploits 0, References 3

Tenable Nessus
added 2024/01/22 12:0 a.m. (51 views)

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : libssh vulnerabilities (USN-6592-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6592-1 advisory. It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possib...

CVSS 5.3, AI score 7.1, EPSS 0.01421
Exploits 0, References 3

OSV
added 2024/01/12 11:6 a.m. (3 views)

OESA-2024-1040 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVSS 5.3, AI score 7.4, EPSS 0.01421
Exploits 0, References 3

OSV
added 2024/01/12 11:6 a.m. (4 views)

OESA-2024-1041 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVSS 5.3, AI score 7.4, EPSS 0.01421
Exploits 0, References 3

Veracode
added 2023/12/19 1:59 p.m. (30 views)

Denial Of Service (DoS)

libssh is vulnerable to Denial of Service (DoS). The vulnerability is due to a lack of proper validation and checking of return values in the abstract layer for message digest (MD) operations implemented by different supported crypto backends. This could lead to low-memory failures and potentially...

CVSS 5.3, AI score 7, EPSS 0.01421
Exploits 0, References 9, Affected Software 2

OSV
added 2023/12/19 12:15 a.m. (9 views)

AZL-32199 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 6.5, EPSS 0.01421
Exploits 0, References 1

NVD
added 2023/12/19 12:15 a.m. (25 views)

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, EPSS 0.01421
Exploits 0, References 9

UbuntuCve
added 2023/12/19 12:15 a.m. (42 views)

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 6.7, EPSS 0.01421
Exploits 0, References 6

Tenable Nessus
added 2023/12/19 12:0 a.m. (49 views)

Slackware Linux 14.2 / 15.0 / current libssh Multiple Vulnerabilities (SSA:2023-353-01)

The version of libssh installed on the remote host is prior to 0.10.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-353-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

CVSS 5.9, AI score 7.1, EPSS 0.93305
Exploits 4, References 4

AlpineLinux
added 2023/12/18 11:27 p.m. (61 views)

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 6, EPSS 0.01421
Exploits 0

CVE
added 2023/12/18 11:27 p.m. (442 views)

CVE-2023-6918

CVE-2023-6918 affects the libssh library where MD operation backends do not properly check return values, potentially causing low-memory failures, NULL dereferences, crashes, or using uninitialized memory as input to the KDF. This can lead to non-matching keys resulting in decryption/integrity fa...

CVSS 5.3, AI score 5.7, EPSS 0.01421
Exploits 0, References 9, Affected Software 1

Debian CVE
added 2023/12/18 11:27 p.m. (42 views)

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 6.2, EPSS 0.01421
Exploits 0

OSV
added 2023/12/15 11:6 a.m. (5 views)

OESA-2023-1917 varnish security update

This is Varnish Cache, a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 - 1000x,...

CVSS 7.5, AI score 7, EPSS 0.012
Exploits 0, References 2

OSV
added 2023/12/12 8:15 p.m. (3 views)

DEBIAN-CVE-2023-41337

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. In version 2.3.0-beta2 and prior, when h2o is configured to listen to multiple addresses or ports with each of them using different backend servers managed by multiple entities, a malicious backend entity that also has the...

CVSS 6.7, AI score 6.6, EPSS 0.00181
Exploits 0, References 1

RedHat Linux
added 2023/12/07 8:26 a.m. (3 views)

postgresql: Role pg_signal_backend can signal certain superuser processes.

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...

CVSS 4.4, AI score 7.4, EPSS 0.02555
Exploits 0, References 6

OpenVAS
added 2023/11/09 12:0 a.m. (15 views)

Huawei EulerOS: Security Advisory for cups-filters (EulerOS-SA-2023-3120)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8.8, AI score 8.8, EPSS 0.03697
Exploits 1, References 2

Tenable Nessus
added 2023/11/06 12:0 a.m. (26 views)

Rocky Linux 8 : sane-backends (RLSA-2021:1744)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1744 advisory. - A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to...

CVSS 5.5, AI score 6.3, EPSS 0.00497
Exploits 1, References 3

Fedora
added 2023/09/15 7:4 p.m. (17 views)

[SECURITY] Fedora 39 Update: rubygem-activejob-7.0.7.2-1.fc39

Declare job classes that can be run by a variety of queueing backends...

AI score 7
Exploits 0

OSV
added 2023/06/12 1:20 p.m. (5 views)

USN-6148-1 sniproxy vulnerability

It was discovered that SNI Proxy did not properly handle wildcard backend hosts. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution...

CVSS 9.8, AI score 7.7, EPSS 0.65515
Exploits 1, References 2

Fedora
added 2023/05/24 1:15 a.m. (27 views)

[SECURITY] Fedora 37 Update: cups-filters-1.28.16-3.fc37

Contains backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc. In addition it contains additional filters developed independently of Apple, especially filters for the PDF-centric printing workflow introduced by OpenPrintin...

CVSS 8.8, AI score 7, EPSS 0.03697
Exploits 1