Lucene search
K

37 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-3858)

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. This plugin only works with Tenable.ot...

9.1CVSS6.9AI score0.06448EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2019-3858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who...

9.1CVSS7.1AI score0.06448EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2024/11/26 2:7 a.m.28 views

K000148713: libssh2 vulnerabilities CVE-2019-3858 and CVE-2019-3862

Security Advisory Description CVE-2019-3858 An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

9.1CVSS7.5AI score0.08114EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/16 12:0 a.m.24 views

RHEL 6 : libssh2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libssh2: Out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862 - A...

9.1CVSS9.2AI score0.08114EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.28 views

Ubuntu 16.04 ESM : libssh2 vulnerabilities (USN-5308-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5308-1 advisory. It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote,...

9.3CVSS8.2AI score0.11659EPSS
Exploits2References12
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-5308-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.2AI score0.11659EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2019:13982-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8AI score0.09219EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.32 views

EulerOS Virtualization for ARM 64 3.0.2.0 : libssh2 (EulerOS-SA-2021-1384)

According to the version of the libssh2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A...

9.1CVSS7.2AI score0.06448EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/05 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2021-1384)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.4AI score0.06448EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2020/10/06 12:0 a.m.72 views

libssh2 security update

1.8.0-4 - fix integer overflow in SSHMSGDISCONNECT logic CVE-2019-17498 1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially...

9.3CVSS2.2AI score0.09219EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/28 3:9 p.m.39 views

Security Bulletin: Multiple security vulnerabilities were fixed in IBM Security Access Manager Appliance (CVE-2019-3861, CVE-019-3858)

Summary Multiple vulnerabilities were fixed in the libssh2 component used by the IBM Security Access Manager Appliance. Vulnerability Details CVEID: CVE-2019-3861 DESCRIPTION: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value...

9.1CVSS2AI score0.06448EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.42 views

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.3AI score0.09219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.35 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0252)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libssh2 packages installed that are affected by multiple vulnerabilities: - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attack...

9.1CVSS7.3AI score0.06448EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.34 views

Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: libssh2 1.8.0. Security Fixes : - libssh2: Zero-byte allocation with a specially crafted SFTP packed leading to an out-of-bounds read CVE-2019-3858 - libssh2: Out-of-bounds reads with specially crafted SSH packets CVE-2019-386...

9.1CVSS7.3AI score0.06448EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2019/08/13 12:0 a.m.97 views

libssh2 security, bug fix, and enhancement update

1.8.0-3 - sanitize public header file detected by rpmdiff 1.8.0-2 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862 - fix out-of-bounds reads wit...

9.3CVSS2.1AI score0.09219EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.184 views

RHEL 7 : libssh2 (RHSA-2019:2136)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2136 advisory. The libssh2 packages provide a library that implements the SSH2 protocol. The following packages have been upgraded to a later upstream...

9.1CVSS7.6AI score0.06448EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/15 10:35 p.m.85 views

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z

Summary AT&T has released versions 1801-z for the Vyatta 5600. Details of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patchesat-t-vyatta-5600-vrouter-software-patches Vulnerabili...

9.3CVSS1.3AI score0.09393EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/10 12:0 a.m.35 views

EulerOS Virtualization 2.5.3 : libssh2 (EulerOS-SA-2019-1360)

According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote...

9.1CVSS7.3AI score0.08114EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.241 views

Fedora 30 : libssh2 (2019-70a9d4f970)

This update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...

9.3CVSS7.4AI score0.09219EPSS
Exploits0References10
ALT Linux
ALT Linux
added 2019/04/24 12:0 a.m.57 views

Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt3.M80P.1

1.4.3-alt3.M80P.1 built April 24, 2019 Aleksei Nikiforov in task 227571 April 19, 2019 Aleksei Nikiforov - Fixes: + CVE-2016-0787 Truncated Diffie-Hellman secret length + CVE-2019-3855 Possible integer overflow in transport read allows out-of-bounds write + CVE-2019-3856 Possible integer overflow...

9.3CVSS8.4AI score0.09219EPSS
Exploits0
Rows per page
Query Builder