Lucene search
K

49 matches found

OSV
OSV
added 6 days ago4 views

DEBIAN-CVE-2026-59999

In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not...

7.5CVSS5.9AI score0.0014EPSS
Exploits0References1
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-60000

sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service resource consumption from excessive authentication attempts because MaxAuthTries was mishandled for GSSAPIAuthentication...

7.5CVSS6AI score0.00407EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.15 views

PT-2026-51472

Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description A heap out-of-bounds read occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the...

3.7CVSS6.1AI score0.00367EPSS
Exploits1References19
RedHat Linux
RedHat Linux
added 2026/06/03 5:6 a.m.14 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS5.9AI score0.00176EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.20 views

RockyLinux 10 : openssh (RLSA-2026:19069)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19069 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References11
OSV
OSV
added 2026/05/21 4:27 p.m.13 views

RLSA-2025:23480 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...

5.3CVSS6.8AI score0.00218EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.7 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016495 advisory. In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the...

8.1CVSS5.9AI score0.00247EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/02 4:30 p.m.3 views

CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

7.5CVSS5.8AI score0.00419EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

OpenSSH 安全漏洞

OpenSSH OpenBSD Secure Shell is a set of open-source tools developed by OpenBSD in Canada, designed for secure access to remote computers. This tool is an open-source implementation of the SSH protocol, supporting encryption of all transmissions. It effectively prevents eavesdropping, connection...

2.5CVSS5.9AI score0.0013EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: openssh (UTSA-2026-006246)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006246 advisory. ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. Tenable has extracted the...

3.6CVSS6AI score0.00113EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.8 views

EulerOS 2.0 SP11 : openssh (EulerOS-SA-2026-1614)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to...

3.6CVSS6.8AI score0.00218EPSS
Exploits2References3
CVE
CVE
added 2026/01/09 4:15 p.m.14 views

CVE-2025-69426

The CVE-2025-69426 issue affects Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0. An initialization script contains hardcoded OS user credentials, enabling authentication even though SCP and pseudo-TTY are disabled. The SSH service is network-accessible without IP-based restriction...

10CVSS7AI score0.00387EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.5 views

EulerOS Virtualization 2.13.0 : openssh (EulerOS-SA-2025-2612)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources,...

3.6CVSS6.3AI score0.00218EPSS
Exploits2References3
OSV
OSV
added 2025/12/18 10:9 a.m.7 views

RHSA-2025:23481 Red Hat Security Advisory: openssh security update

Bulletin has no description...

5.3CVSS6.9AI score0.00218EPSS
Exploits2References14
OSV
OSV
added 2025/11/07 12:31 p.m.6 views

OESA-2025-2646 openssh security update

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...

3.6CVSS8AI score0.00218EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/10/16 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0161: openssh (ALINUX3-SA-2025:0161)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0161 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-26465: A vulnerability was found in OpenSS...

6.8CVSS7AI score0.06997EPSS
Exploits4References2
GithubExploit
GithubExploit
added 2025/09/03 3:31 a.m.249 views

Exploit for Use After Free in Microsoft

CVE-2025-27480 CVE‑2025‑27480 – Remote Code Execution in O...

8.1CVSS8.2AI score0.09617EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2025/05/07 12:48 p.m.12 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.7AI score0.93305EPSS
Exploits4References6
Microsoft KB
Microsoft KB
added 2025/03/11 7:0 a.m.496 views

March 11, 2025—KB5053596 (OS Build 17763.7009) - EXPIRED

None None...

8.8CVSS6.8AI score0.58974EPSS
Exploits44
Microsoft KB
Microsoft KB
added 2025/03/11 7:0 a.m.52 views

March 11, 2025—KB5053599 (OS Build 25398.1486)

None None...

8.8CVSS6.8AI score0.58974EPSS
Exploits47
Rows per page
Query Builder