
8 matches found

OSV
added 2023/12/20 12:0 a.m., 2 views

UBUNTU-CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

CVSS 5.5 | AI score 6.8 | EPSS 0.00426
Exploits: 0 | References: 5
ATTACKERKB
added 2023/12/18 7:15 p.m., 2 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

CVSS 5.5 | AI score 5.8 | EPSS 0.00426
Exploits: 0 | References: 8
OSV
added 2023/12/18 7:15 p.m., 3 views

DEBIAN-CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

CVSS 5.5 | AI score 6.6 | EPSS 0.00426
Exploits: 0 | References: 1
OSV
added 2023/12/18 7:15 p.m., 3 views

ALPINE-CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

CVSS 5.5 | AI score 7 | EPSS 0.00426
Exploits: 0 | References: 1
CNNVD
added 2023/12/18 12:0 a.m., 3 views

OpenSSH Security Vulnerabilities

OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers from the Canadian OpenBSD Project Group. The tools are an open source implementation of the SSH protocol that supports encryption of all transmissions, effectively blocking eavesdropping, connection...

CVSS 5.5 | AI score 8.3 | EPSS 0.00426
Exploits: 0 | References: 4
Snyk
added 2023/12/18 12:0 a.m., 2 views

Missing Critical Step in Authentication

Overview: Affected versions of this package are vulnerable to Missing Critical Step in Authentication due to improper enforcement of security constraints on PKCS11-hosted private keys. An attacker can bypass intended security restrictions by exploiting the issue where only the first key is...

CVSS 5.5 | AI score 6.8 | EPSS 0.00426
Exploits: 0 | References: 2
Microsoft CVE
added 2020/08/18 12:0 a.m., 2 views

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2 and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation the TLS server always uses wrong data in place of an encryption key derived from an application.

...

CVSS 7.4 | AI score 7 | EPSS 0.17507
Exploits: 3
OSV
added 2017/09/01 9:29 p.m., 3 views

DEBIAN-CVE-2017-12871

The aesEncrypt method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.x through 1.14.11 makes it easier for context-dependent attackers to bypass the encryption protection mechanism by leveraging use of the first 16 bytes of the secret key as the initialization vector (IV)...

CVSS 5.9 | AI score 6.8 | EPSS 0.00486
Exploits: 0 | References: 1