CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

Tenable Nessus•added 2026/01/22 12:0 a.m.•1 views

Azure Linux 3.0 Security Update: openssh (CVE-2024-39894)

The version of openssh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39894 advisory. - OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry e.g., fo...

7.5CVSS5.6AI score0.02949EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 9:4 a.m.•4 views

CVE-2024-41780

IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could could allow a physical user to obtain sensitive information due to not masking passwords during entry...

4.6CVSS5.9AI score0.00064EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2015-3896

Malware in sbrugna...

7.2CVSS6.6AI score0.00042EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2001-1128

Malware in sbrugna...

7.2CVSS6.4AI score0.00075EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-3487

Malware in sbrugna...

3.5CVSS6.2AI score0.0155EPSS

Exploits5References8

SUSE Linux•added 2025/02/03 8:47 a.m.•6 views

Security update for openssh

This update for openssh fixes the following issues: CVE-2024-39894: Fixed timing attacks against echo-off password entry bsc1227318 CVE-2024-6387: Fixed race condition in a signal handler bsc1226642. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...

8.1CVSS7.5AI score0.63835EPSS

Exploits77References16

OSV•added 2025/02/03 8:47 a.m.•3 views

SUSE-SU-2025:20009-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2024-39894: Fixed timing attacks against echo-off password entry bsc1227318 - CVE-2024-6387: Fixed race condition in a signal handler bsc1226642...

8.1CVSS6.8AI score0.63835EPSS

Exploits77References9

Oracle linux•added 2024/11/26 12:0 a.m.•284 views

pam security update

1.3.1-36.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-36 - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66242 1.3.1-35 - pamunix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves:...

7.4CVSS7.4AI score0.00567EPSS

Exploits0

AlpineLinux•added 2024/07/02 6:15 p.m.•25 views

CVE-2024-39894

OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry e.g., for su and Sudo because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur...

7.5CVSS7.4AI score0.02949EPSS

Exploits0References12

NVD•added 2024/07/02 6:15 p.m.•24 views

CVE-2024-39894

7.5CVSS0.02949EPSS

Exploits0References12

OSV•added 2024/07/02 6:15 p.m.•3 views

AZL-43140 CVE-2024-39894 affecting package openssh for versions less than 9.8p1-1

7.5CVSS6.3AI score0.02949EPSS

Exploits0References1

OSV•added 2024/07/02 6:15 p.m.•4 views

DEBIAN-CVE-2024-39894

7.5CVSS5.7AI score0.02949EPSS

Exploits0References1

UbuntuCve•added 2024/07/02 6:15 p.m.•32 views

CVE-2024-39894

7.5CVSS6.4AI score0.02949EPSS

Exploits0References5

CNNVD•added 2024/07/02 12:0 a.m.•1 views

OpenSSH Security Vulnerabilities

OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers from the Canadian OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...

7.5CVSS6.9AI score0.02949EPSS

Exploits0References6

Cvelist•added 2024/07/02 12:0 a.m.•49 views

CVE-2024-39894

0.02949EPSS

Exploits0References10

NVD•added 2023/10/17 10:15 a.m.•13 views

CVE-2023-5339

Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged...

5.5CVSS5AI score0.00073EPSS

Exploits0References1

OSV•added 2023/10/17 10:15 a.m.•11 views

CVE-2023-5339

Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged...

5.5CVSS7.2AI score0.00073EPSS

Exploits0References1

CVE•added 2023/10/17 9:30 a.m.•33 views

CVE-2023-5339

Mattermost Desktop is affected by CVE-2023-5339: during initial run after a fresh install, it fails to set the correct log level, causing logging of keystrokes including password entry. The issue is described across multiple sources as a logging information disclosure vulnerability in Mattermost ...

5.5CVSS5.1AI score0.00073EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/10/17 9:30 a.m.•13 views

CVE-2023-5339 Mattermost Desktop logs all keystrokes during initial run after fresh installation

Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged...

4.7CVSS5.8AI score0.00073EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 6:19 a.m.•2 views

SUSE CVE-2004-2655

rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen...

5.4CVSS7.1AI score0.01401EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by