CVE-2021-33500

PuTTY before 0.75 on Windows allows remote servers to cause a denial of service Windows GUI hang by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs ...

CVE-2020-8585

OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link plink...

CVE-2019-9896

In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable...

CVE-2019-17067

PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection...

CVE-2006-7162

PuTTY 0.59 and earlier uses weak file permissions for 1 ppk files containing private keys generated by puttygen and 2 session logs created by putty, which allows local users to gain sensitive information by reading these files...

Linux Distros Unpatched Vulnerability : CVE-2024-31497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in...

openSUSE Security Advisory (openSUSE-SU-2024:0005-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TortoiseSVN < 1.14.7 Weak PRNG Vulnerability

TortoiseSVN 1.14.6 contains a vulnerable version of Putty SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: putty-0.81-1.fc40

Putty is a SSH, Telnet & Rlogin client - this time for Linux...

Fedora: Security Advisory (FEDORA-2024-d85c1f7450)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WinSCP < 6.3.3 Key Recovery Attack Vulnerability

The version of WinSCP installed on the remote Windows host is prior to 6.3.3. It is, therefore, affected by a key recovery attack vulnerability. In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in...

The Stark Truth Behind the Resurgence of Russia’s Fin7

The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 -- setting up thousands o...

GLSA-202407-11 : PuTTY: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202407-11 PuTTY: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in PuTTY. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from...

PuTTY: Multiple Vulnerabilities

Background PuTTY is a free implementation of Telnet and SSH for Windows and Unix platforms, along with an xterm terminal emulator. Description Multiple vulnerabilities have been discovered in PuTTY. Please review the CVE identifiers referenced below for details. Impact Please review the reference...

CBL Mariner 2.0 Security Update: cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt (CVE-2023-48795)

The version of cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-48795 advisory. - The SSH transport protocol with certain...

Debian: Security Advisory (DLA-3839-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3839-1] putty security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3839-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès June 20, 2024 https://wiki.debian.org/LTS -...

DLA-3839-1 putty - security update

Bulletin has no description...

Debian dla-3839 : pterm - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3839 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3839-1 [email protected] https://www.debian.org/lts/security/...

OPENSUSE-SU-2024:11201-1 putty-0.76-1.2 on GA media

These are all security issues fixed in the putty-0.76-1.2 package on the GA media of openSUSE Tumbleweed...