Lucene search
K

11 matches found

OSV
OSV
added 2026/02/23 7:56 p.m.4 views

USN-8051-2 libssh vulnerabilities

USN-8051-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that libssh clients incorrectly handled the key exchange process. A remote attacker could possibly...

8.2CVSS6AI score0.00582EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.8 views

PT-2026-20979

Name of the Vulnerable Software and Affected Versions libssh versions prior to 0.11.4-1.1 Description A denial of service condition can occur due to a malformed SFTP message. Recommendations Update to version 0.11.4-1.1 or later...

10CVSS6.2AI score0.00582EPSS
Exploits0References108
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.3 views

EulerOS Virtualization 2.13.0 : libssh (EulerOS-SA-2025-2610)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX...

4.7CVSS5.9AI score0.00375EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.3 views

EulerOS 2.0 SP12 : libssh (EulerOS-SA-2025-2363)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation...

8.8CVSS6.4AI score0.00407EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.4 views

EulerOS 2.0 SP10 : libssh (EulerOS-SA-2025-2392)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to sshgetfingerprinthash...

8.8CVSS6.4AI score0.00407EPSS
Exploits0References5
CVE
CVE
added 2025/08/05 8:5 p.m.20 views

CVE-2013-10065

CVE-2013-10065 affects Sysax Multi-Server 6.10 SSHD. A specially crafted SSH key exchange packet can crash the service, causing denial of service. The flaw is triggered by malformed key exchange data, including a non‑standard byte (0x28) replacing the SSH protocol delimiter. Multiple sources (NVD...

8.7CVSS6.5AI score0.01094EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/07/24 3:15 p.m.1 views

CVE-2025-8114

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...

4.7CVSS6.9AI score0.00217EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.2 views

PT-2025-30668

Name of the Vulnerable Software and Affected Versions libssh affected versions not specified Description A flaw exists in libssh, a library implementing the SSH protocol. During the key exchange KEX process, an allocation failure within cryptographic functions can result in a NULL pointer...

4.7CVSS6.6AI score0.00442EPSS
Exploits0References84
OSV
OSV
added 2022/10/03 3:15 p.m.4 views

CVE-2022-42306

An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbxexchange during registration and cause a NULL pointer exception, effectively crashing the pbxexchange process...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References1
OSV
OSV
added 2020/01/05 3:37 p.m.8 views

MGASA-2020-0003 Updated putty packages fix security vulnerabilities

Updated putty package fixes security vulnerabilities: Two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking. Vulnerability in all the SSH client tools PuTTY, Plink, PSFTP, and PSCP if a malicious program can impersonate Pageant. Crash in GSSAP...

7.5CVSS7.8AI score0.02248EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2010/10/14 4:9 p.m.7 views

qpid: crash when redeclaring the exchange with specified alternate_exchange

The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service NULL pointer...

4CVSS5.8AI score0.04086EPSS
Exploits0References4
Rows per page
Query Builder