Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2026/06/23 7:41 p.m.12 views

CVE-2026-55200

An out-of-bounds write vulnerability exists in the libssh2 client. A remote attacker can exploit this by sending a specially crafted SSH packet with an abnormally large length value. This corrupts the application's memory and can potentially allow the attacker to execute arbitrary code on the...

9.2CVSS6.3AI score0.00922EPSS
Exploits8References6
Vulnrichment
Vulnrichment
added 2026/03/25 4:7 p.m.3 views

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

6.5CVSS5.9AI score0.00093EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-2525

Malware in sbrugna...

7.8CVSS7.6AI score0.01939EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-0680

Malware in sbrugna...

5CVSS6.4AI score0.01631EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Codeorigin Sysax Multi Server 资源管理错误漏洞

Codeorigin Sysax Multi Server is an FTP File Transfer Protocol server and Shell server for Windows from Codeorigin USA. A security vulnerability exists in Codeorigin Sysax Multi Server version 6.99, which stems from the susceptibility to denial of service attacks when processing specially crafted...

7.5CVSS6.6AI score0.00489EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/23 5:53 p.m.14 views

CVE-2024-20526

A vulnerability in the SSH server of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. A...

5.3CVSS0.00469EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/23 5:53 p.m.13 views

CVE-2024-20526

A vulnerability in the SSH server of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. A...

5.3CVSS7.2AI score0.00469EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.143 views

Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service', 'Description' = %q This module sends a specially-crafted SSH Key Exchange causing t...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.3 views

The vulnerability of the /api/upload component of the software platform zdir, which allows a perpetrator to execute arbitrary code.

The vulnerability of the /api/upload component in the zdir application exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a specially created .ssh fil...

9CVSS8.1AI score0.01226EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/01/23 12:0 a.m.2 views

zdir 路径遍历漏洞

zdir is a lightweight directory listing program by the individual developer of helloxz. A security vulnerability exists in zdir version v3.2.0. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted .ssh files...

8.8CVSS8.5AI score0.01226EPSS
Exploits1References2
CVE
CVE
added 2022/02/17 12:51 p.m.110 views

CVE-2022-22899

Core FTP / SFTP Server v2 Build 725 is affected by a buffer error in the SSH service that allows unauthenticated attackers to cause a Denial of Service via a crafted SSH packet. Documented impact is DoS; attack path is network-based, with no authentication required. Remediation guidance across so...

5.5CVSS5.5AI score0.01028EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2019/10/21 10:15 p.m.59 views

CVE-2019-17498

In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a...

8.1CVSS6.8AI score0.03793EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.34 views

Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: libssh2 1.8.0. Security Fixes : - libssh2: Zero-byte allocation with a specially crafted SFTP packed leading to an out-of-bounds read CVE-2019-3858 - libssh2: Out-of-bounds reads with specially crafted SSH packets CVE-2019-386...

9.1CVSS7.3AI score0.06448EPSS
Exploits0References3
Prion
Prion
added 2017/11/15 4:29 p.m.13 views

Race condition

A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically restart, which enabled attackers to perform a very effective DoS attack against this service. By...

4.3CVSS5.7AI score0.08742EPSS
Exploits4References4Affected Software1
Cvelist
Cvelist
added 2016/10/06 10:0 a.m.19 views

CVE-2015-0721

Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection...

7.5AI score0.01959EPSS
Exploits0References3
NVD
NVD
added 2016/04/13 5:59 p.m.19 views

CVE-2015-3146

The 1 SSHMSGNEWKEYS and 2 SSHMSGKEXDHREPLY packet handlers in packagecb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted SSH packet...

7.5CVSS7.3AI score0.0391EPSS
Exploits0References7
Prion
Prion
added 2014/09/10 10:55 a.m.15 views

Code injection

The SSH module in the Integrated Management Controller IMC before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service IMC hang via a crafted SSH packet, aka Bug ID CSCuo69206...

5CVSS7AI score0.02584EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2014/06/08 11:0 p.m.33 views

CVE-2014-3048

Unspecified vulnerability on the IBM System Storage Virtualization Engine TS7700 allows local users to gain privileges by leveraging the TSSC service-user role to enter a crafted SSH command...

6.3AI score0.00266EPSS
Exploits0References3
Prion
Prion
added 2010/04/13 5:30 p.m.29 views

Code injection

The SSH service on the TANDBERG Video Communication Server VCS before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets...

8.5CVSS6.8AI score0.02148EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2009/02/26 12:0 a.m.61 views

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Document ID: 109450 Advisory ID: cisco-sa-20090225-ace...

10CVSS1.5AI score0.01839EPSS
Exploits1
Rows per page
Query Builder