2357 matches found
CVE-2026-41880
CVE-2026-41880: R-SOFT DMS OCR module is vulnerable to OS Command Injection via unsanitized user-controllable file paths passed to the system shell through SSH. An authenticated attacker triggering OCR on an uploaded file can execute commands as root. The issue is mitigated by fixes in v3.19-2862...
CVE-2026-21901 Junos OS and Junos OS Evolved: Configuration of a specific SSH option results in mgd crash
A NULL Pointer Dereference vulnerability in the management daemon mgd of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker setting or deactivating a specific SSH configuration parameter to create a Denial of Service DoS. A local high-privileged user configuri...
CVE-2026-21901
A NULL Pointer Dereference vulnerability in the management daemon mgd of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker setting or deactivating a specific SSH configuration parameter to create a Denial of Service DoS. A local high-privileged user configuri...
CVE-2026-21901
CVE-2026-21901 describes a NULL pointer dereference in Juniper Networks Junos OS and Junos OS Evolved mgd (management daemon) when a local, high-privileged user configures or deactivates a specific 'system services ssh' parameter. The vulnerability causes an mgd crash and restart, enabling a sust...
SSH Configuration Injection
Coder is vulnerable to SSH Configuration Injection. The vulnerability is due to coder config-ssh writing server-supplied HostnameSuffix and SSHConfigOptions into the user's /.ssh/config without properly sanitizing embedded newlines or restricting SSH directives, which allows an attacker controlli...
USN-8519-1: Go Cryptography vulnerabilities
Jakub Ciolek and Nicola Murino discovered that Go Cryptography incorrectly handled SSH agent responses. An attacker could use this to cause a denial of service. CVE-2025-47913 Yuichi Watanabe discovered that Go Cryptography incorrectly handled SSH key exchanges. An attacker could use this to caus...
CVE-2026-31983
A Missing Authentication vulnerability was discovered in the SSH keys synchronization endpoint. An unauthenticated attacker can send a request to the SSH keys synchronization endpoint and obtain the list of users that have uploaded their public SSH keys, their groups, and the uploaded public SSH...
EUVD-2026-42533
A Missing Authentication vulnerability was discovered in the SSH keys synchronization endpoint. An unauthenticated attacker can send a request to the SSH keys synchronization endpoint and obtain the list of users that have uploaded their public SSH keys, their groups, and the uploaded public SSH...
CVE-2026-47831
Use of a cryptographically weak random number generator in the GenerateRandomPassword function in bosh-windows-stemcell-builder allows a remote attacker to brute-force the resulting SSH login via TCP/22. Affected versions: bosh-windows-stemcell-builder versions prior to v2019.98...
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...
CVE-2026-54590
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig.settokens that blocks /, , and .. before %u substitution in...
EUVD-2026-42417
SSH protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service...
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during...
CVE-2026-53422
A flaw was found in Erlang OTP's Secure Shell SSH component, specifically within the SSH File Transfer Protocol SFTP daemon's sshsftpd module. An authenticated SFTP user can exploit an observable response discrepancy in the REALPATH handler to enumerate the existence of files and directories...
CVE-2026-60001
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...
EUVD-2026-42145
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...
CVE-2026-60000
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service resource consumption from excessive authentication attempts because MaxAuthTries was mishandled for GSSAPIAuthentication...
EUVD-2026-42139
internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...
PT-2026-56293
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.4 Description A use-after-free issue exists in the ssh client. This occurs when a server changes its host key during a key re-exchange, which is a process where the client and server negotiate new session keys to...