Lucene search
+L

5 matches found

OSV
OSV
added 3 days ago3 views

CVE-2026-38974

Dulwich through 1.1.0 was found to be missing SSH host key verification in contrib/paramikovendor.py...

5.3CVSS6.1AI score0.00194EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/07/03 6:13 a.m.15 views

CVE-2026-12064

When a user invokes curl using a schemeless URL combined with --proto-default sftp or scp, a disconnect occurs between the tool layer and libcurl. The tool layer incorrectly infers the URL scheme, which erroneously bypasses the initialization of critical SSH security options like...

7.5CVSS6AI score0.00574EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.6 views

EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2026-1160)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification...

7.5CVSS6.1AI score0.01301EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2023/09/27 12:0 a.m.10 views

PT-2023-6507 · Warpgate · Warpgate

Name of the Vulnerable Software and Affected Versions: Warpgate versions prior to 0.8.1 Description: The issue is related to errors in cryptographic signature verification, allowing a remote attacker to bypass the authentication process under certain conditions. Specifically, the SSH key...

8.1CVSS8AI score0.00253EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/05/18 2:19 a.m.3 views

SUSE CVE-2023-28319

A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...

5.9CVSS8.2AI score0.02489EPSS
Exploits1References67
Rows per page
Query Builder