Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1851 matches found

OSV
OSVadded 2024/01/03 5:15 p.m.48 views

CVE-2023-6004

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

4.8CVSS5.8AI score0.00449EPSS
Exploits0References8
Wolfi
Wolfiadded 2024/01/03 5:15 p.m.41 views

CVE-2023-6004 vulnerabilities

Vulnerabilities for packages: libssh...

4.8CVSS7.1AI score0.00449EPSS
Exploits0
Prion
Prionadded 2024/01/03 5:15 p.m.23 views

Command injection

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

4.1CVSS7AI score0.00449EPSS
Exploits0References5Affected Software3
UbuntuCve
UbuntuCveadded 2024/01/03 5:15 p.m.48 views

CVE-2023-6004

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

4.8CVSS6.7AI score0.00449EPSS
Exploits0References5
OSV
OSVadded 2024/01/03 5:15 p.m.1 views

UBUNTU-CVE-2023-6004

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

4.8CVSS6.7AI score0.00449EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2024/01/03 5:1 p.m.2 views

CVE-2023-6004 Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

4.8CVSS6.1AI score0.00449EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2024/01/03 5:1 p.m.58 views

CVE-2023-6004

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

4.8CVSS6.5AI score0.00449EPSS
Exploits0
Cvelist
Cvelistadded 2024/01/03 5:1 p.m.20 views

CVE-2023-6004 Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

4.8CVSS6AI score0.00449EPSS
Exploits0References5
CVE
CVEadded 2024/01/03 5:1 p.m.480 views

CVE-2023-6004

CVE-2023-6004 is a libssh vulnerability where ProxyCommand/ProxyJump can be abused to inject malicious code via the hostname parameter due to unchecked hostname syntax. Multiple advisories (AlmaLinux ALSA-2024:3233/2504, Cloud Foundry USN-6592-1) confirm libssh security updates and provide remedi...

4.8CVSS5.6AI score0.00449EPSS
Exploits0References8Affected Software1
AlpineLinux
AlpineLinuxadded 2024/01/03 5:1 p.m.38 views

CVE-2023-6004

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

4.8CVSS5.9AI score0.00449EPSS
Exploits0
OpenVAS
OpenVASadded 2024/01/01 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2023-0357)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.6AI score0.93305EPSS
Exploits4References4
Tenable Nessus
Tenable Nessusadded 2023/12/30 12:0 a.m.42 views

openSUSE 15 Security Update : proftpd (openSUSE-SU-2023:0421-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0421-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References3
Mageia
Mageiaadded 2023/12/29 5:16 p.m.62 views

Updated libssh packages fix security vulnerabilities

New version 0.10.6 for fixing security vulnerabilities of CVE-2023-6004, CVE-2023-48795 Prefix Truncation Attacks in SSH Specification Terrapin Attack and CVE-2023-6918...

5.9CVSS6.2AI score0.93305EPSS
Exploits4References2
OSV
OSVadded 2023/12/29 5:16 p.m.11 views

MGASA-2023-0357 Updated libssh packages fix security vulnerabilities

New version 0.10.6 for fixing security vulnerabilities of CVE-2023-6004, CVE-2023-48795 Prefix Truncation Attacks in SSH Specification Terrapin Attack and CVE-2023-6918...

5.9CVSS6.9AI score0.93305EPSS
Exploits4References3
Debian
Debianadded 2023/12/28 2:27 p.m.83 views

[SECURITY] [DSA 5591-1] libssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5591-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 28, 2023 https://www.debian.org/security/faq -...

5.9CVSS8.7AI score0.93305EPSS
Exploits4
Gentoo Linux
Gentoo Linuxadded 2023/12/28 12:0 a.m.40 views

libssh: Multiple Vulnerabilities

Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description Multiple vulnerabilities have been discovered in libssh. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

5.9CVSS7.6AI score0.93305EPSS
Exploits4
OSV
OSVadded 2023/12/28 12:0 a.m.30 views

DSA-5591-1 libssh - security update

Bulletin has no description...

5.9CVSS6.5AI score0.93305EPSS
Exploits4
Tenable Nessus
Tenable Nessusadded 2023/12/27 12:0 a.m.46 views

GLSA-202312-16 : libssh: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202312-16 libssh: Multiple Vulnerabilities - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are...

5.9CVSS7.2AI score0.93305EPSS
Exploits4References5
Microsoft CVE
Microsoft CVEadded 2023/12/25 8:0 a.m.3 views

Libssh: missing checks for return values for digests

...

5.3CVSS6.5AI score0.01421EPSS
Exploits0
OpenVAS
OpenVASadded 2023/12/23 12:0 a.m.13 views

Fedora: Security Advisory (FEDORA-2023-0733306be9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.5AI score0.93305EPSS
Exploits4References8
Rows per page
Query Builder