CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Fedora•added 2026/04/16 11:42 p.m.•3 views

[SECURITY] Fedora 44 Update: ksshaskpass-6.6.4-1.fc44

A ssh-add helper that uses kwallet and kpassworddialog...

5.8AI score

Exploits0

SUSE CVE•added 2026/02/20 12:24 a.m.•1 views

SUSE CVE-2026-24126

Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to ssh-add. Version 5.16.0 fixes the issue. As a workaround, properly limit access to the management...

9.1CVSS5.8AI score0.00013EPSS

Exploits3References3

NVD•added 2026/02/19 12:16 a.m.•2 views

CVE-2026-24126

9.1CVSS0.00013EPSS

Exploits3References3

CVE•added 2026/02/18 11:5 p.m.•7 views

CVE-2026-24126

CVE-2026-24126 (Weblate) : The SSH host-key management endpoint accepts the admin-supplied host value and forwards it to ssh-keyscan without validation, enabling argument injection and potential arbitrary local-file read by the web server user. Affected: Weblate versions ≤ 5.15.2; Impact: read se...

9.1CVSS5.5AI score0.00013EPSS

Exploits3References3Affected Software1

Cvelist•added 2026/02/18 11:5 p.m.•25 views

CVE-2026-24126 Weblate has an argument injection in management console

6.6CVSS0.00013EPSS

Exploits3References3

Tenable Nessus•added 2023/08/31 12:0 a.m.•47 views

FreeBSD : FreeBSD -- ssh-add does not honor per-hop destination constraints (e31a8f8e-47bf-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e31a8f8e-47bf-11ee-8e38-002590c1f29c advisory. - ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destinati...

9.8CVSS6.4AI score0.00158EPSS

Exploits0References2

Tenable Nessus•added 2023/07/20 12:0 a.m.•120 views

GLSA-202307-01 : OpenSSH: Remote Code Execution

The remote host is affected by the vulnerability described in GLSA-202307-01 OpenSSH: Remote Code Execution - OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated...

9.8CVSS8AI score0.88329EPSS

Exploits20References7

FreeBSD•added 2023/06/21 12:0 a.m.•44 views

FreeBSD -- ssh-add does not honor per-hop destination constraints

Problem Description: When using ssh-add1 to add smartcard keys to ssh-agent1 with per-hop destination constraints, a logic error prevented the constraints from being sent to the agent resulting in keys being added to the agent without constraints. Impact: A malicious server could leverage the key...

9.8CVSS6.8AI score0.00158EPSS

Exploits0

FreeBSD Advisory•added 2023/06/21 12:0 a.m.•36 views

FreeBSD-SA-23:05.openssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:05.openssh Security Advisory The FreeBSD Project Topic: ssh-add does not honor per-hop destination constraints Category: contrib Module: openssh Announced:...

9.8CVSS7.2AI score0.00158EPSS

Exploits0

F5 Networks•added 2023/04/14 7:21 a.m.•46 views

K000133517: OpenSSH vulnerability CVE-2023-28531

Security Advisory Description ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. CVE-2023-28531 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

9.8CVSS6.5AI score0.00158EPSS

Exploits0

SUSE CVE•added 2023/03/18 3:38 a.m.•1 views

SUSE CVE-2023-28531