CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/12/18 12:0 a.m.•2 views

RockyLinux 8 : openssh (RLSA-2025:23481)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23481 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in ssh://...

3.6CVSS6.4AI score0.00061EPSS

Exploits2References5

RedHat Linux•added 2025/12/17 5:42 p.m.•3 views

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

RedHat Linux•added 2025/12/17 5:42 p.m.•3 views

openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where control characters in usernames were not properly validated when sourced from untrusted inputs like the command line or configuration expansion. If a ProxyCommand is used, these control characters could modify command behavior, potentially leading to code executi...

3.6CVSS6.4AI score0.00012EPSS

RedHat Linux•added 2025/12/17 4:48 p.m.•1 views

openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...

RedHat Linux•added 2025/12/17 4:48 p.m.•5 views

Exploits0References7

openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand

3.6CVSS6.4AI score0.00012EPSS

RedHat Linux•added 2025/12/17 4:48 p.m.•7 views

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

RedHat Linux•added 2025/12/17 2:16 p.m.•3 views

openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand

3.6CVSS6.4AI score0.00012EPSS

RedHat Linux•added 2025/12/17 2:16 p.m.•5 views

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Tenable Nessus•added 2025/12/17 12:0 a.m.•4 views

RHEL 8 : openssh (RHSA-2025:23481)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23481 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...

3.6CVSS6.5AI score0.00061EPSS

AlmaLinux•added 2025/12/17 12:0 a.m.•22 views

Moderate: openssh security update

3.6CVSS9.6AI score0.00061EPSS

Tenable Nessus•added 2025/12/17 12:0 a.m.•4 views

RHEL 10 : openssh (RHSA-2025:23479)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23479 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...

3.6CVSS6.5AI score0.00061EPSS

OSV•added 2025/12/17 12:0 a.m.•1 views

ALSA-2025:23481 Moderate: openssh security update

3.6CVSS7.4AI score0.00061EPSS

AlmaLinux•added 2025/12/17 12:0 a.m.•3 views

Moderate: openssh security update

3.6CVSS7.6AI score0.00061EPSS

OSV•added 2025/12/17 12:0 a.m.•6 views

ALSA-2025:23479 Moderate: openssh security update

3.6CVSS7.4AI score0.00061EPSS

OpenVAS•added 2025/12/11 12:0 a.m.•2 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-2505)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tenable Nessus•added 2025/12/11 12:0 a.m.•2 views

Exploits2References2

EulerOS 2.0 SP13 : openssh (EulerOS-SA-2025-2526)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to...

3.6CVSS6.4AI score0.00061EPSS

Redos•added 2025/12/03 12:0 a.m.•3 views

ROS-20251203-09

A vulnerability in the ProxyCommand component of the OpenSSH cryptographic protection tool is related to the injection of a null byte %00 in the username string. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

3.6CVSS9.3AI score0.00061EPSS

Exploits0

Tenable Nessus•added 2025/12/02 12:0 a.m.•1 views

openSUSE 16 Security Update : openssh (openSUSE-SU-2025-20122-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20122-1 advisory. - CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used bsc1251198. - CVE-2025-61985: code execution vi...

3.6CVSS6.8AI score0.00061EPSS