Lucene search
K

898 matches found

BDU FSTEC
BDU FSTEC
added 2022/09/23 12:0 a.m.5 views

The vulnerability of the `kex_method_diffie_hellman_group_exchange_sha256_key_exchange` function in the `kex.c` component of the SSH2 protocol implementation library Libssh2 allows a attacker to access confidential data and also trigger a denial-of-service attack.

The vulnerability of the kexmethoddiffiehellmangroupexchangesha256keyexchange function in the kex.c component of the SSH2 protocol implementation library Libssh2 is related to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to gain access to...

8.8CVSS7.7AI score0.11659EPSS
Exploits1References13Affected Software5
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.65 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19.1)

The version of AOS installed on the remote host is prior to 5.19.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.19.1 advisory. - In Network Security Services NSS before 3.46, several cryptographic primitives had missing length checks. In cases where the...

10CVSS7.5AI score0.99295EPSS
Exploits113References124
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.25 views

Slackware: Security Advisory (SSA:2019-077-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.1AI score0.09219EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2022/04/09 6:51 a.m.15 views

CVE-2019-17498 affecting package libssh2 for versions less than 1.9.0-1

CVE-2019-17498 affecting package libssh2 for versions less than 1.9.0-1. A patched version of the package is available...

8.1CVSS8AI score0.03793EPSS
Exploits1
OSV
OSV
added 2022/03/07 11:47 p.m.4 views

USN-5308-1 libssh2 vulnerabilities

It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote, unauthenticated attacker could possibly execute arbitrary code on the client system. CVE-2019-3855 It was discovered that libssh2 incorrectly handled prompt...

9.3CVSS7.4AI score0.11659EPSS
Exploits2References12
Ubuntu
Ubuntu
added 2022/03/07 11:47 p.m.63 views

USN-5308-1: libssh2 vulnerabilities

It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote, unauthenticated attacker could possibly execute arbitrary code on the client system. CVE-2019-3855 It was discovered that libssh2 incorrectly handled prompt...

9.3CVSS8.1AI score0.11659EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2019-0343)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.3AI score0.03793EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2015-0107)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.03501EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2019-0139)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.8AI score0.09219EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/12/20 12:0 a.m.25 views

Debian: Security Advisory (DLA-2848-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.11659EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2021/12/18 12:0 a.m.43 views

Debian DLA-2848-1 : libssh2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2848 advisory. Two issues have been discovered in libssh2, a client-side C library implementing the SSH2 protocol: CVE-2019-13115:...

8.1CVSS7.1AI score0.11659EPSS
Exploits2References7
Debian
Debian
added 2021/12/17 10:56 p.m.66 views

[SECURITY] [DLA 2848-1] libssh2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2848-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky December 17, 2021 https://wiki.debian.org/LTS -...

8.1CVSS9.1AI score0.11659EPSS
Exploits2
OSV
OSV
added 2021/12/17 12:0 a.m.33 views

DLA-2848-1 libssh2 - security update

Bulletin has no description...

8.1CVSS8AI score0.11659EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2021/11/04 12:0 a.m.49 views

F5 Networks BIG-IP : libssh2 vulnerabilities (K90011301)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K90011301 advisory. CVE-2019-3856An integer overflow flaw, which could lead to an out of bounds write, was discovered in libss...

8.8CVSS7.8AI score0.06131EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.30 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : libssh2 Vulnerability (NS-SA-2021-0173)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libssh2 packages installed that are affected by a vulnerability: - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an...

8.1CVSS6.8AI score0.03793EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.34 views

Security Bulletin: Vulnerabilities in libssh2 affect Power Hardware Management Console (CVE-2016-0787)

Summary libssh2 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2016-0787 DESCRIPTION: libssh2 could provide weaker than expected security, caused by a type confusion error during the SSHv2 handshake resulting in the...

5.9CVSS5.7AI score0.02697EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/22 11:38 p.m.37 views

Security Bulletin: Vulnerability in libssh2 affects Power Hardware Management Console (CVE-2019-3862)

Summary libssh2 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-3862 DESCRIPTION: An out of bounds read flaw was discovered in libssh2 in the way SSHMSGCHANNELREQUEST packets with an exit status message and no payload a...

9.1CVSS0.4AI score0.08114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/22 11:38 p.m.31 views

Security Bulletin: Vulnerability in libssh2 CVE-2019-17498.

Summary libssh2 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-17498 DESCRIPTION: libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when connecting to a malicious SSH server that sends a...

8.1CVSS0.9AI score0.03793EPSS
Exploits1
Rosalinux
Rosalinux
added 2021/07/02 5:17 p.m.38 views

Advisory ROSA-SA-2021-1893

Software: libssh2 1.8.0 OS: Cobalt 7.9 CVE-ID: CVE-2019-13115 CVE-Crit: HIGH CVE-DESC: In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that can cause out-of-range reads when reading packets from the server. A remote attacker...

8.1CVSS7.6AI score0.11659EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.37 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : libssh2 Vulnerability (NS-SA-2021-0026)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libssh2 packages installed that are affected by a vulnerability: - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an...

8.1CVSS6.8AI score0.03793EPSS
Exploits1References2
Rows per page
Query Builder