Lucene search
K

54 matches found

OSV
OSV
added 2025/09/11 9:15 a.m.10 views

AZL-67130 CVE-2025-48039 affecting package erlang for versions less than 25.3.2.21-4

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.8AI score0.00359EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 9:15 a.m.1 views

DEBIAN-CVE-2025-48040

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to...

6.9CVSS5.4AI score0.00402EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 9:15 a.m.2 views

DEBIAN-CVE-2025-48039

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.4AI score0.00359EPSS
Exploits0References1
NVD
NVD
added 2025/09/11 9:15 a.m.5 views

CVE-2025-48038

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS0.00359EPSS
Exploits0References7
OSV
OSV
added 2025/09/11 9:15 a.m.8 views

UBUNTU-CVE-2025-48038

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.8AI score0.00359EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/09/11 8:14 a.m.5 views

CVE-2025-48041

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

7.1CVSS5.4AI score0.00359EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/09/11 8:14 a.m.3 views

EEF-CVE-2025-48041 SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles

Summary Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and...

7.1CVSS5.5AI score0.00359EPSS
Exploits0References6
OSV
OSV
added 2025/09/11 8:14 a.m.6 views

CVE-2025-48041 SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

7.1CVSS5.9AI score0.00359EPSS
Exploits0References11
OSV
OSV
added 2025/09/11 8:13 a.m.5 views

CVE-2025-48039 Unverified Paths can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.9AI score0.00359EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/09/11 8:13 a.m.17 views

CVE-2025-48038 Unverified File Handles can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS0.00359EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.7 views

PT-2025-37165

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 28.0.3 Erlang OTP versions 26.2.5.15 Erlang OTP versions 27.3.4.3 Description An Allocation of Resources Without Limits or Throttling issue exists in the Erlang OTP ssh ssh sftp modules, potentially leading to...

7.1CVSS6.6AI score0.00359EPSS
Exploits0References43
OpenVAS
OpenVAS
added 2025/03/31 12:0 a.m.9 views

openSUSE Security Advisory (SUSE-SU-2025:1051-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.3AI score0.0046EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/29 12:0 a.m.8 views

SUSE SLES15: erlang26 / erlang26-debugger / erlang26-debugger-src / etc (SUSE-SU-2025:1051-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1051-1 advisory. - CVE-2025-26618: Fixed incorrect verification of SSH SFTP packet size in Erlang OTP bsc1237467 Tenable has extracted the...

7CVSS6.7AI score0.0046EPSS
Exploits0References4
OSV
OSV
added 2025/03/28 2:50 p.m.7 views

SUSE-SU-2025:1051-1 Security update for erlang26

This update for erlang26 fixes the following issues: - CVE-2025-26618: Fixed incorrect verification of SSH SFTP packet size in Erlang OTP bsc1237467...

7CVSS7.2AI score0.0046EPSS
Exploits0References3
OSV
OSV
added 2025/03/18 9:58 a.m.10 views

SUSE-SU-2025:0901-1 Security update for erlang

This update for erlang fixes the following issues: - CVE-2025-26618: Fixed SSH SFTP packet size not verified properly in Erlang OTP bsc1237467...

7CVSS7.2AI score0.0046EPSS
Exploits0References3
OSV
OSV
added 2025/03/06 5:56 p.m.12 views

MGASA-2025-0088 Updated erlang packages fix security vulnerability

SSH SFTP packet size not verified properly in Erlang OTP. CVE-2025-26618...

7CVSS7.1AI score0.0046EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/05 12:0 a.m.7 views

CVE-2022-38336

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication...

6.8AI score0.00829EPSS
Exploits1References1
NVD
NVD
added 2020/08/20 1:15 p.m.20 views

CVE-2019-20150

In TreasuryXpress 19191105, a logged-in user can discover saved credentials, even though the UI hides them. Using functionality within the application and a malicious host, it is possible to force the application to expose saved SSH/SFTP credentials. This can be done by using the application's...

6.5CVSS6.5AI score0.00914EPSS
Exploits1References1
Prion
Prion
added 2020/08/20 1:15 p.m.16 views

Design/Logic Flaw

In TreasuryXpress 19191105, a logged-in user can discover saved credentials, even though the UI hides them. Using functionality within the application and a malicious host, it is possible to force the application to expose saved SSH/SFTP credentials. This can be done by using the application's...

4CVSS6.4AI score0.00914EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2017/01/23 7:59 a.m.11 views

Information disclosure

Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to an...

4.3CVSS6.9AI score0.00578EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder