CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2001-1150

Malware in sbrugna...

7.5CVSS6.4AI score0.00471EPSS

Exploits0References2

Tenable Nessus•added 2025/08/24 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2007-2243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to...

5CVSS7.6AI score0.00441EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 6:46 a.m.•7 views

CVE-2019-19522

OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root...

7.8CVSS6.8AI score0.00198EPSS

Exploits3References1

SUSE CVE•added 2023/02/15 6:12 a.m.•1 views

SUSE CVE-2007-2243

OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483...

5CVSS8.2AI score0.00441EPSS

Exploits1References4

OpenVAS•added 2021/05/27 12:0 a.m.•24 views

OpenSSH < 4.7 Improper Authentication Vulnerabilities

OpenSSH is prone to multiple improper authentication vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS6.6AI score0.00441EPSS

Exploits1References3

OSV•added 2019/12/05 12:15 a.m.•2 views

CVE-2019-19522

7.8CVSS7.3AI score0.00198EPSS

Exploits3References6

Tenable Nessus•added 2011/11/18 12:0 a.m.•710 views

OpenSSH S/KEY Authentication Account Enumeration

When OpenSSH has S/KEY authentication enabled, it is possible to remotely determine if an account configured for S/KEY authentication exists. Note that Nessus has not attempted to exploit the issue but has instead only checked if OpenSSH is running on the remote host. As a result, it will not...

5CVSS7.6AI score0.00441EPSS

Exploits1References2

OpenVAS•added 2008/01/17 12:0 a.m.•17 views

Debian: Security Advisory (DSA-457)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.08591EPSS

Exploits1References3

Positive Technologies•added 2007/04/25 12:0 a.m.•6 views

PT-2007-3578 · Openssh +2 · Openssh +2

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 4.6 and earlier Description: The issue allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY. This is because S/KEY displays a different response if the user account exist...

10CVSS7.9AI score0.90356EPSS

Exploits206References345

Packet Storm•added 2007/04/21 12:0 a.m.•772 views

OpenSSH s/key Weakness

/ / / / / / / / / / / / / // / / / / / / / / / // / / / // // / / / / / // ///// // // // Helith - 0815 -------------------------------------------------------------------------------- Author : Rembrandt Date : 2007-04-21 Affected Software: openssh propably other implementations as well Affected ...

5CVSS9.5AI score0.00441EPSS

Exploits1

securityvulns•added 2007/04/21 12:0 a.m.•28 views

OpenSSH account enumeration

S/Key is requested only for existing user account, if S/Key authentication is used...

3.1AI score

Exploits0References1Affected Software1

OpenVAS•added 2005/11/03 12:0 a.m.•16 views

wu-ftpd S/KEY authentication overflow

The remote Wu-FTPd server seems to be vulnerable to a remote overflow. This version contains a remote overflow if s/key support is enabled. The skeychallenge function fails to perform bounds checking on the name variable resulting in a buffer overflow. With a specially crafted request, an attacke...

10CVSS0.3AI score0.08591EPSS

Exploits1References3

OpenVAS•added 2005/11/03 12:0 a.m.•26 views

wu-ftpd S/KEY authentication overflow

The remote Wu-FTPd server seems to be vulnerable to a remote overflow. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS6.4AI score0.08591EPSS

Exploits1References5

securityvulns•added 2004/03/09 12:0 a.m.•29 views

multiple wu-ftpd bugs

Local user can bypass root directory protection, buffer overflow on S/Key authentication...

3.8AI score

Exploits0References1Affected Software1

RedHat Linux•added 2004/03/08 4:55 p.m.•22 views

Important: Red Hat Security Advisory: wu-ftpd security update

An updated wu-ftpd package that fixes two security issues is now available. The wu-ftpd package contains the Washington University FTP File Transfer Protocol server daemon. FTP is a method of transferring files between machines. Glenn Stewart discovered a flaw in wu-ftpd. When configured with...

10CVSS6.4AI score0.08591EPSS

Exploits1References4

OSV•added 2004/03/08 12:0 a.m.•19 views

DSA-457 wu-ftpd - several vulnerabilities

Bulletin has no description...

10CVSS9.3AI score0.08591EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by