Lucene search
K

42 matches found

OSV
OSV
added 2026/05/16 3:41 p.m.9 views

CLSA-2026-1778788223 libssh2: Fix of 2 CVEs

CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...

9.1CVSS7AI score0.05118EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.7 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-3860)

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. This plugin only works with Tenable.ot. Please visit...

9.1CVSS6.9AI score0.05118EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2019-3860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SS...

9.1CVSS7.1AI score0.05118EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2025/01/14 6:12 p.m.20 views

K000149288: libssh vulnerabilities CVE-2019-3859 and CVE-2019-3860

Security Advisory Description CVE-2019-3859 An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the libssh2packetrequire and libssh2packetrequirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

9.1CVSS8.4AI score0.06275EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.28 views

Ubuntu 16.04 ESM : libssh2 vulnerabilities (USN-5308-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5308-1 advisory. It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote,...

9.3CVSS8.2AI score0.11659EPSS
Exploits2References12
Amazon
Amazon
added 2023/06/06 12:0 a.m.32 views

Medium: libssh2

Issue Overview: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the libssh2packetrequire and libssh2packetrequirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. CVE-2019-3859 An out of...

9.1CVSS7.9AI score0.06275EPSS
Exploits0
Amazon
Amazon
added 2023/05/16 12:0 a.m.87 views

Medium: libssh2

Issue Overview: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the libssh2packetrequire and libssh2packetrequirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. CVE-2019-3859 An out of...

9.1CVSS7.9AI score0.06275EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.4 views

SUSE CVE-2019-3860

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

3.5CVSS6.9AI score0.05118EPSS
Exploits0References21
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-5308-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.2AI score0.11659EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.32 views

SUSE SLES11 Security Update : libssh2_org (SUSE-SU-2019:14099-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2019:14099-1 advisory. - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who...

9.1CVSS7.2AI score0.05118EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2019:13982-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8AI score0.09219EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2019:14099-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.6AI score0.05118EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2019:1606-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.6AI score0.05118EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.42 views

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.3AI score0.09219EPSS
Exploits0References2
OSV
OSV
added 2019/08/21 11:37 a.m.7 views

SUSE-SU-2019:1606-2 Security update for libssh2_org

This update for libssh2org fixes the following issues: - Fix the previous fix for CVE-2019-3860 bsc1136570, bsc1128481 Out-of-bounds reads with specially crafted SFTP packets...

9.1CVSS8.8AI score0.05118EPSS
Exploits0References4
OSV
OSV
added 2019/08/21 11:37 a.m.5 views

SUSE-SU-2019:1606-1 Security update for libssh2_org

This update for libssh2org fixes the following issues: - Fix the previous fix for CVE-2019-3860 bsc1136570, bsc1128481 Out-of-bounds reads with specially crafted SFTP packets...

9.1CVSS8.8AI score0.05118EPSS
Exploits0References4
Debian
Debian
added 2019/07/30 7:44 p.m.181 views

[SECURITY] [DLA 1730-4] libssh2 regression update

Package : libssh2 Version : 1.4.3-4.1+deb8u5 CVE ID : CVE-2019-3860 Several more boundary checks have been backported to libssh2s src/sftp.c. Furthermore, all boundary checks in src/sftp.c now result in an LIBSSH2ERRORBUFFERTOOSMALL error code, rather than a LIBSSH2ERROR OUTOFBOUNDARY error code...

9.1CVSS6.9AI score0.05118EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/15 10:35 p.m.85 views

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-z

Summary AT&T has released versions 1801-z for the Vyatta 5600. Details of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patchesat-t-vyatta-5600-vrouter-software-patches Vulnerabili...

9.3CVSS1.3AI score0.09393EPSS
Exploits4Affected Software1
OpenVAS
OpenVAS
added 2019/06/28 12:0 a.m.28 views

openSUSE: Security Advisory for libssh2_org (openSUSE-SU-2019:1640-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS7.5AI score0.05118EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/06/28 12:0 a.m.28 views

openSUSE Security Update : libssh2_org (openSUSE-2019-1640)

This update for libssh2org fixes the following issues : - Fix the previous fix for CVE-2019-3860 bsc1136570, bsc1128481 Out-of-bounds reads with specially crafted SFTP packets This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

9.1CVSS7.2AI score0.05118EPSS
Exploits0References3
Rows per page
Query Builder