893 matches found

Ubuntu
added 3 days ago, 6 views

USN-8486-1: libssh2 vulnerabilities

It was discovered that libssh2 incorrectly handled the sftp_symlink function. A malicious SSH server or machine-in-the-middle attacker could possibly use this issue to obtain sensitive information or cause a denial of service. (CVE-2025-15661) It was discovered that libssh2 had a pre-authentication...

9.2 CVSS, 7.6 AI score, 0.00732 EPSS
Exploits: 10

OSV
added 3 days ago, 3 views

USN-8486-1 libssh2 vulnerabilities

It was discovered that libssh2 incorrectly handled the sftp_symlink function. A malicious SSH server or machine-in-the-middle attacker could possibly use this issue to obtain sensitive information or cause a denial of service. (CVE-2025-15661) It was discovered that libssh2 had a pre-authentication...

9.2 CVSS, 7.6 AI score, 0.00732 EPSS
Exploits: 10, References: 4

RedhatCVE
added 4 days ago, 6 views

CVE-2026-58051

A flaw in libssh2 allows a malicious SSH server to send a malformed public key response, triggering an invalid memory cleanup. This can cause the connecting client application to crash or leak information. Mitigation: To mitigate this issue, ensure your applications connect only to trusted and...

8.3 CVSS, 5.8 AI score, 0.0028 EPSS
Exploits: 0, References: 6

RedhatCVE
added 4 days ago, 9 views

CVE-2026-58050

A flaw in libssh2 allows a malicious SSH server to trigger a memory overflow by sending a manipulated attribute count. This can cause the connecting client to crash or allow unauthorized code execution. Mitigation: To mitigate this issue, ensure your applications are running strictly on 64-bit...

8.3 CVSS, 5.9 AI score, 0.00333 EPSS
Exploits: 0, References: 6

Chainguard
added 4 days ago, 7 views

CVE-2026-55200 vulnerabilities

Vulnerabilities for packages: libssh2...

9.2 CVSS, 7.3 AI score, 0.00732 EPSS
Exploits: 10

Chainguard
added 4 days ago, 7 views

GHSA-R8MH-X5QV-7GG2 vulnerabilities

Vulnerabilities for packages: libssh2...

5.8 AI score
Exploits: 0

Wolfi
added 4 days ago, 9 views

CVE-2026-55200 vulnerabilities

Vulnerabilities for packages: libssh2...

9.2 CVSS, 7.3 AI score, 0.00732 EPSS
Exploits: 10

Wolfi
added 4 days ago, 9 views

GHSA-R8MH-X5QV-7GG2 vulnerabilities

Vulnerabilities for packages: libssh2...

5.8 AI score
Exploits: 0

Tenable Nessus
added 4 days ago, 4 views

Fedora 44 : libssh2 (2026-ca858b3ed8)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ca858b3ed8 advisory. This update addresses a few security issues, one of which could plausibly result in remote code execution. Tenable has extracted the preceding...

9.2 CVSS, 7.6 AI score, 0.00732 EPSS
Exploits: 10, References: 4

OSV
added 5 days ago, 8 views

DEBIAN-CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_publickey_list_free operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3 CVSS, 5.8 AI score, 0.0028 EPSS
Exploits: 0, References: 1

NVD
added 5 days ago, 12 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3 CVSS, 0.00333 EPSS
Exploits: 0, References: 3

NVD
added 5 days ago, 11 views

CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_publickey_list_free operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3 CVSS, 0.0028 EPSS
Exploits: 0, References: 3

OSV
added 5 days ago, 2 views

UBUNTU-CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3 CVSS, 6 AI score, 0.00333 EPSS
Exploits: 0, References: 5

Debian CVE
added 5 days ago, 5 views

CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_publickey_list_free operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3 CVSS, 5.8 AI score, 0.0028 EPSS
Exploits: 0

Cvelist
added 5 days ago, 32 views

CVE-2026-58051 libssh2 - Free of Uninitialized Pointer in publickey List Cleanup

libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_publickey_list_free operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3 CVSS, 0.0028 EPSS
Exploits: 0, References: 3

EUVD
added 5 days ago, 9 views

EUVD-2026-39971

libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_publickey_list_free operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3 CVSS, 5.8 AI score, 0.0028 EPSS
Exploits: 0, References: 3

CVE
added 5 days ago, 32 views

CVE-2026-58051

CVE-2026-58051 affects libssh2 up to version 1.11.1. The vulnerability arises because libssh2 grows its publickey list using SSH2_REALLOC but does not zero-initialize the newly allocated entries before parsing populates them. If parsing fails and the code path cleans up, libssh2_publickey_list_fr...

8.3 CVSS, 5.8 AI score, 0.0028 EPSS
Exploits: 0, References: 3, Affected Software: 1

Debian CVE
added 5 days ago, 5 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3 CVSS, 6 AI score, 0.00333 EPSS
Exploits: 0

Cvelist
added 5 days ago, 32 views

CVE-2026-58050 libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3 CVSS, 0.00333 EPSS
Exploits: 0, References: 3

EUVD
added 5 days ago, 7 views

EUVD-2026-39970

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3 CVSS, 6 AI score, 0.00333 EPSS
Exploits: 0, References: 3