
1851 matches found

Gentoo Linux
added 2023/12/22 12:0 a.m., 33 views

libssh: Multiple Vulnerabilities

Background: libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description: Multiple vulnerabilities have been discovered in libssh. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for...

CVSS 6.5, AI score 7.7, EPSS 0.04596
Exploits: 2

Tenable Nessus
added 2023/12/22 12:0 a.m., 128 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.1011)

The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.1011 advisory. - Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0...

CVSS 9.8, AI score 8.1, EPSS 0.78607
Exploits: 49, References: 19

Tenable Nessus
added 2023/12/22 12:0 a.m., 33 views

GLSA-202312-05 : libssh: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202312-05 libssh: Multiple Vulnerabilities - A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and t...

CVSS 6.5, AI score 6.1, EPSS 0.04596
Exploits: 2, References: 6

Tenable Nessus
added 2023/12/21 12:0 a.m., 38 views

Fedora 39 : libssh (2023-0733306be9)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0733306be9 advisory. New upstream release fixing CVE-2023-48795, CVE-2023-6004, CVE-2023-6918. Tenable has extracted the preceding description block directly from the...

CVSS 5.9, AI score 7.1, EPSS 0.93305
Exploits: 4, References: 4

Hacker One
added 2023/12/20 10:5 p.m., 48 views

Internet Bug Bounty: Command Injection using malicious hostname in expanded proxycommand

A vulnerability in the handling of ProxyCommand and ProxyJump hostname parameters in libssh versions 0.10.x, 0.9.x and 0.8.x was reported. The issue enables malicious code injection through unchecked hostname syntax. User interaction is required for exploitation...

CVSS 4.8, AI score 6.2, EPSS 0.00449
Exploits: 0

SUSE CVE
added 2023/12/20 2:9 a.m., 2 views

SUSE CVE-2023-6004

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

CVSS 4.8, AI score 7, EPSS 0.00449
Exploits: 0, References: 44

SUSE CVE
added 2023/12/20 2:9 a.m., 2 views

SUSE CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 7, EPSS 0.01421
Exploits: 0, References: 44

Tenable Nessus
added 2023/12/20 12:0 a.m., 38 views

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current proftpd Vulnerability (SSA:2023-354-01)

The version of proftpd installed on the remote host is prior to 1.3.8b. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-354-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...

CVSS 5.9, AI score 7.1, EPSS 0.93305
Exploits: 4, References: 2

Tenable Nessus
added 2023/12/20 12:0 a.m., 65 views

FreeBSD : putty -- add protocol extension against 'Terrapin attack' (91955195-9ebb-11ee-bc14-a703705db3a6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 91955195-9ebb-11ee-bc14-a703705db3a6 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

CVSS 5.9, AI score 7.1, EPSS 0.93305
Exploits: 4, References: 6

OpenVAS
added 2023/12/20 12:0 a.m., 19 views

Slackware: Security Advisory (SSA:2023-353-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.9, AI score 6.9, EPSS 0.93305
Exploits: 4, References: 5

OpenVAS
added 2023/12/20 12:0 a.m., 24 views

Ubuntu: Security Advisory (USN-6561-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.9, AI score 6.7, EPSS 0.93305
Exploits: 4, References: 2

Slackware Linux
added 2023/12/19 9:31 p.m., 35 views

[slackware-security] libssh

New libssh packages are available for Slackware 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libssh-0.10.6-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Command injection using proxycommand. Potential...

CVSS 5.9, AI score 7.1, EPSS 0.93305
Exploits: 4

Veracode
added 2023/12/19 1:59 p.m., 27 views

Denial Of Service (DoS)

libssh is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of proper validation and checking of return values in the abstract layer for message digest (MD) operations implemented by different supported crypto backends. This could lead to low-memory failures and potentially...

CVSS 5.3, AI score 7, EPSS 0.01421
Exploits: 0, References: 9, Affected Software: 2

Veracode
added 2023/12/19 9:12 a.m., 137 views

Prefix Truncation Attack (Terrapin Attack)

libssh is vulnerable to Terrapin attack. The vulnerability is due to mishandling of the handshake phase and sequence numbers in the SSH Binary Packet Protocol (BPP) with certain OpenSSH extensions. This allows an attacker to bypass integrity checks and omit packets during extension negotiation, and...

CVSS 5.9, AI score 7.1, EPSS 0.93305
Exploits: 4, References: 125, Affected Software: 5

NVD
added 2023/12/19 12:15 a.m., 24 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, EPSS 0.01421
Exploits: 0, References: 9

OSV
added 2023/12/19 12:15 a.m., 22 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 5.3, EPSS 0.01421
Exploits: 0, References: 9

Chainguard
added 2023/12/19 12:15 a.m., 41 views

CVE-2023-6918 vulnerabilities

Vulnerabilities for packages: libssh...

CVSS 5.3, AI score 6.8, EPSS 0.01421
Exploits: 0

OSV
added 2023/12/19 12:15 a.m., 3 views

AZL-34943 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 6.6, EPSS 0.01421
Exploits: 0, References: 1

OSV
added 2023/12/19 12:15 a.m., 1 views

DEBIAN-CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 6.6, EPSS 0.01421
Exploits: 0, References: 1

OSV
added 2023/12/19 12:15 a.m., 4 views

AZL-32199 CVE-2023-6918 affecting package libssh for versions less than 0.10.6-1

A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

CVSS 5.3, AI score 6.5, EPSS 0.01421
Exploits: 0, References: 1