10 matches found
RHEL 8 : openssh (RHSA-2026:15893)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:15893 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary...
EUVD-2019-15676
Malware in sbrugna...
Medium: openssh
Issue Overview: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. CVE-2025-32728 Affected Packages: openssh Issue Correction: Run dnf update openssh --releasever 2023.7.20250623 to update your...
Linux Distros Unpatched Vulnerability : CVE-2025-26465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine...
Linux Distros Unpatched Vulnerability : CVE-2021-36368
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an...
Linux Distros Unpatched Vulnerability : CVE-2018-20685
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact ...
Linux Distros Unpatched Vulnerability : CVE-2016-3115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command...
Siemens SIMATIC and SCALANCE Devices Missing Critical Step in Authentication (CVE-2023-51384)
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys. This plugin...
January 18, 2025—KB5052819 (OS Build 20348.3095) Out-of-band
None None...
DEBIAN-CVE-2023-51384
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...