139 matches found
CVE-2025-32728
In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...
[SECURITY] Fedora 42 Update: openssh-9.9p1-9.fc42
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
Linux Distros Unpatched Vulnerability : CVE-2023-48795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks...
Linux Distros Unpatched Vulnerability : CVE-2020-15778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE:...
Linux Distros Unpatched Vulnerability : CVE-2018-15919
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 ...
Linux Distros Unpatched Vulnerability : CVE-2016-6210
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exis...
Linux Distros Unpatched Vulnerability : CVE-2016-10009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by...
Linux Distros Unpatched Vulnerability : CVE-2015-5600
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kbdintnextdevice function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a...
CVE-2025-26466 Openssh: denial-of-service in openssh
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...
SUSE-SU-2025:0744-1 Security update for openssh8.4
This update for openssh8.4 fixes the following issues: - CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. Other bugfixes: - Fix usage of local accelerator cards via openssl-ibmca bsc1216474, bsc1218871. - Add patches from upstream to change the...
SUSE-SU-2025:0659-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - Add a s390 specific ioctl for ECC hardware support bsc1225637: - for migration to openssh 8.4: write active/enabled switch over files only if n...
SUSE-SU-2025:0605-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040...
[SECURITY] Fedora 41 Update: openssh-9.9p1-3.fc41
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
Slackware: Security Advisory (SSA:2025-049-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:0585-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041...
[SECURITY] [DSA 5868-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5868-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 18, 2025 https://www.debian.org/security/faq -...
DLA-4057-1 openssh - security update
Bulletin has no description...
RHSA-2005:106 Red Hat Security Advisory: openssh security update
Bulletin has no description...
RHSA-2013:1591 Red Hat Security Advisory: openssh security, bug fix, and enhancement update
Bulletin has no description...
[SECURITY] [DSA 5724-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5724-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 01, 2024 https://www.debian.org/security/faq -...