Lucene search
K

9 matches found

Ubuntu
Ubuntu
added 2026/06/30 12:41 p.m.9 views

USN-8486-1: libssh2 vulnerabilities

It was discovered that libssh2 incorrectly handled the sftpsymlink function. A malicious SSH server or machine-in-the-middle attacker could possibly use this issue to obtain sensitive information or cause a denial of service. CVE-2025-15661 It was discovered that libssh2 had a pre-authentication...

9.2CVSS7.6AI score0.00732EPSS
Exploits11
OSV
OSV
added 2026/06/30 12:41 p.m.3 views

USN-8486-1 libssh2 vulnerabilities

It was discovered that libssh2 incorrectly handled the sftpsymlink function. A malicious SSH server or machine-in-the-middle attacker could possibly use this issue to obtain sensitive information or cause a denial of service. CVE-2025-15661 It was discovered that libssh2 had a pre-authentication...

9.2CVSS7.6AI score0.00732EPSS
Exploits11References4
OSV
OSV
added 2026/06/18 9:16 p.m.7 views

DEBIAN-CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftpsymlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSHFXPNAME response...

6.5CVSS6AI score0.00267EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 9:16 p.m.11 views

CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftpsymlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSHFXPNAME response...

8.3CVSS0.00267EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 9:16 p.m.3 views

UBUNTU-CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftpsymlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSHFXPNAME response...

8.3CVSS6AI score0.00267EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/06/18 8:18 p.m.5 views

CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftpsymlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSHFXPNAME response...

8.3CVSS7.2AI score0.00267EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/18 8:18 p.m.8 views

CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftpsymlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSHFXPNAME response...

8.3CVSS5.5AI score0.00267EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/18 8:18 p.m.6 views

CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftpsymlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSHFXPNAME response...

8.3CVSS6AI score0.00267EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.11 views

PT-2026-50786

Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.1 commit 2dae302 Description An out-of-bounds heap read exists in the sftp symlink function within src/sftp.c. A malicious SSH server or man-in-the-middle attacker can disclose heap memory contents or cause a cra...

8.3CVSS7.2AI score0.00267EPSS
Exploits0References25
Rows per page
Query Builder