Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-28531)

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

9.8CVSS6.7AI score0.02216EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.22 views

TencentOS Server 4: openssh (TSSA-2024:0951)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0951 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS7.8AI score0.76768EPSS
Exploits13References3
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.39 views

CBL Mariner 2.0 Security Update: openssh (CVE-2023-28531)

The version of openssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28531 advisory. - ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination...

9.8CVSS6.4AI score0.02216EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/06/28 5:7 p.m.70 views

CVE-2023-28531 affecting package openssh for versions less than 8.9p1-5

CVE-2023-28531 affecting package openssh for versions less than 8.9p1-5. A patched version of the package is available...

9.8CVSS7AI score0.02216EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2024/02/29 12:0 a.m.81 views

USN-6560-1: OpenSSH vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension...

9.8CVSS6.5AI score0.93305EPSS
Exploits4Affected Software3
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.222 views

Debian DSA-5586-1 : openssh - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5586 advisory. Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite. CVE-2021-41617 It was discovered that sshd failed to...

9.8CVSS7.2AI score0.93305EPSS
Exploits14References15
OpenVAS
OpenVAS
added 2023/12/20 12:0 a.m.61 views

Ubuntu: Security Advisory (USN-6560-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.7AI score0.93305EPSS
Exploits4References2
Ubuntu
Ubuntu
added 2023/12/19 1:2 p.m.271 views

USN-6560-1: OpenSSH vulnerabilities

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

9.8CVSS7.1AI score0.93305EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2023/12/19 12:0 a.m.180 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : OpenSSH vulnerabilities (USN-6560-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6560-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If...

9.8CVSS7AI score0.93305EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.49 views

FreeBSD : FreeBSD -- ssh-add does not honor per-hop destination constraints (e31a8f8e-47bf-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e31a8f8e-47bf-11ee-8e38-002590c1f29c advisory. - ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destinati...

9.8CVSS6.4AI score0.02216EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.125 views

GLSA-202307-01 : OpenSSH: Remote Code Execution

The remote host is affected by the vulnerability described in GLSA-202307-01 OpenSSH: Remote Code Execution - OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated...

9.8CVSS8AI score0.89955EPSS
Exploits20References7
CBLMariner
CBLMariner
added 2023/06/27 9:25 p.m.135 views

CVE-2023-28531 affecting package openssh 8.9p1-1

CVE-2023-28531 affecting package openssh 8.9p1-1. A patched version of the package is available...

9.8CVSS7.5AI score0.02216EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/04/14 7:21 a.m.50 views

K000133517: OpenSSH vulnerability CVE-2023-28531

Security Advisory Description ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. CVE-2023-28531 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

9.8CVSS6.5AI score0.02216EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/03/18 3:38 a.m.6 views

SUSE CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

9.8CVSS6.7AI score0.02216EPSS
Exploits0References3
Circl
Circl
added 2023/03/17 6:31 a.m.27 views

CVE-2023-28531

creationtimestamp| type| source ---|---|--- 2023-03-17 06:31:14+00:00| seen| https://t.me/cibsecurity/60220 2024-01-26 23:00:49+00:00| seen| https://t.me/arpsyndicate/3105 2025-04-01 08:49:50+00:00| published-proof-of-concept| https://t.me/MalaysiaHacktivistz/2962 2025-04-01 08:49:50+00:00|...

9.8CVSS7.6AI score0.02216EPSS
Exploits0References10
NVD
NVD
added 2023/03/17 4:15 a.m.46 views

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

9.8CVSS9.3AI score0.02216EPSS
Exploits0References7
OSV
OSV
added 2023/03/17 4:15 a.m.200 views

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

9.8CVSS6.8AI score0.02216EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2023/03/17 12:0 a.m.104 views

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

9.8CVSS9.4AI score0.02216EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/03/17 12:0 a.m.381 views

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

9.8CVSS6.1AI score0.02216EPSS
Exploits0
CVE
CVE
added 2023/03/17 12:0 a.m.4747 views

CVE-2023-28531

CVE-2023-28531 affects OpenSSH: ssh-add adds smartcard keys to ssh-agent without the intended per‑hop destination constraints, starting from OpenSSH up to version 9.2.x and earliest affected 8.9. The issue is resolved in OpenSSH 9.3 and later. Remediation is upgrading to 9.3+ (or the distro patch...

9.8CVSS9.1AI score0.02216EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder