795 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-3862
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSHMSGCHANNELREQUEST packets with an exit status message and no payload are parsed....
Linux Distros Unpatched Vulnerability : CVE-2019-3855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote...
OSV-2025-92 Null-dereference READ in session_startup
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=393523566 Crash type: Null-dereference READ Crash state: sessionstartup libssh2sessionhandshake ssh2clientfuzzer.cc...
Advisory ROSA-SA-2025-2675
software: libssh2 1.10.0 OS: ROSA-CHROME packageevrstring: libssh2-1.10.0-3 CVE-ID: CVE-2023-48795 BDU-ID: 2023-08853 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process...
K000148713: libssh2 vulnerabilities CVE-2019-3858 and CVE-2019-3862
Security Advisory Description CVE-2019-3858 An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...
K000148693: libssh2 vulnerability CVE-2015-1782
Security Advisory Description The kexagreemethods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service crash or have other unspecified impact via crafted length values in an SSHMSGKEXINIT packet. CVE-2015-1782 Impact There is no impact; F5 products are not affected ...
Slackware: Security Advisory (SSA:2024-290-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware Linux 15.0 / current libssh2 Vulnerability (SSA:2024-290-01)
The version of libssh2 installed on the remote host is prior to 1.11.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-290-01 advisory. New libssh2 packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...
[slackware-security] libssh2
New libssh2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libssh2-1.11.1-i586-1slack15.0.txz: Upgraded. src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack." For more information,...
RHSA-2023:5615 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...
RHSA-2016:0428 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...
RHSA-2015:2140 Red Hat Security Advisory: libssh2 security and bug fix update
Bulletin has no description...
RHSA-2020:3915 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...
RHSA-2019:2399 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...
RHSA-2019:1884 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...
RHSA-2019:2136 Red Hat Security Advisory: libssh2 security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2019:1943 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...
RHSA-2019:1652 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...
RHSA-2019:1791 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...
RHSA-2019:0679 Red Hat Security Advisory: libssh2 security update
Bulletin has no description...