Lucene search
K

10 matches found

OSV
OSV
added 2026/04/22 1:31 p.m.9 views

CLSA-2026-1776864708 Fix CVE(s): CVE-2019-13115, CVE-2019-3855, CVE-2019-3856, CVE-2019-3863

SECURITY UPDATE: integer overflow in transport read allowing out-of-bounds write via crafted SSH packet - debian/patches/CVE-2019-3855.patch: add packetlength bounds check against LIBSSH2PACKETMAXPAYLOAD in transport read - CVE-2019-3855 SECURITY UPDATE: integer overflow in keyboard-interactive...

9.3CVSS7.1AI score0.11659EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2019-13115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the w...

9.3CVSS7.1AI score0.11659EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.28 views

Ubuntu 16.04 ESM : libssh2 vulnerabilities (USN-5308-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5308-1 advisory. It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote,...

9.3CVSS8.2AI score0.11659EPSS
Exploits2References12
Debian
Debian
added 2023/09/08 11:25 a.m.42 views

[SECURITY] [DLA 3559-1] libssh2 security update

Debian LTS Advisory DLA-3559-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 08, 2023 https://wiki.debian.org/LTS Package : libssh2 Version : 1.8.0-2.1+deb10u1 CVE ID : CVE-2019-13115 CVE-2019-17498 CVE-2020-22218 Debian Bug : 932329 943562...

8.1CVSS6.7AI score0.11659EPSS
Exploits2
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-5308-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.2AI score0.11659EPSS
Exploits2References2
Debian
Debian
added 2021/12/17 10:56 p.m.66 views

[SECURITY] [DLA 2848-1] libssh2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2848-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky December 17, 2021 https://wiki.debian.org/LTS -...

8.1CVSS9.1AI score0.11659EPSS
Exploits2
OpenVAS
OpenVAS
added 2019/11/17 12:0 a.m.31 views

Fedora Update for libssh2 FEDORA-2019-ec04c34768

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2AI score
Exploits0References2
Debian
Debian
added 2019/07/25 6:35 p.m.134 views

[SECURITY] [DLA 1730-3] libssh2 regression update

Package : libssh2 Version : 1.4.3-4.1+deb8u4 CVE ID : CVE-2019-3859 CVE-2019-13115 Various security problems have been additionally fixed in libssh2, an SSH client implementation written in C++. CVE-2019-3859 While investigating the impact of CVE-2019-13115 in Debian jessies version of libssh2, i...

9.3CVSS7AI score0.11659EPSS
Exploits1
OSV
OSV
added 2019/07/16 6:15 p.m.43 views

CVE-2019-13115

In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or caus...

8.1CVSS6.8AI score
Exploits0References15
CVE
CVE
added 2019/07/16 12:0 a.m.384 views

CVE-2019-13115

CVE-2019-13115 affects libssh2 prior to 1.9.0, where kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c can overflow an integer, leading to an out-of-bounds read when processing server packets. The vulnerability could allow a remote attacker controlling a SSH server to disclose...

8.1CVSS8.5AI score0.11659EPSS
Exploits1References15Affected Software1
Rows per page
Query Builder