Lucene search
K

45 matches found

OSV
OSV
added 2025/11/13 9:12 p.m.6 views

GO-2025-4116 Potential denial of service in golang.org/x/crypto/ssh/agent

SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...

7.5CVSS6.8AI score0.00591EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.24 views

Linux Distros Unpatched Vulnerability : CVE-2023-38408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded...

9.8CVSS7.6AI score0.76768EPSS
Exploits10References2
Vulnrichment
Vulnrichment
added 2023/03/17 12:0 a.m.6 views

CVE-2023-28531

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...

7.1AI score0.02216EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.3 views

SUSE CVE-2021-28041

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host...

7.1CVSS7AI score0.03422EPSS
Exploits1References16
ATTACKERKB
ATTACKERKB
added 2022/08/24 1:15 p.m.2 views

CVE-2022-36633

Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social...

8.8CVSS7.4AI score0.49476EPSS
Exploits6References4
Rows per page
Query Builder