CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

405 matches found

RedhatCVE•added 2025/05/21 6:23 p.m.•5 views

CVE-1999-0013

Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user...

8.4CVSS6.9AI score0.00668EPSS

Exploits0References1

GithubExploit•added 2025/04/19 8:9 p.m.•2131 views

Exploit for Unquoted Search Path or Element in Openbsd Openssh

OpenSSH Vulnerability - CVE-2023-38408 :books: Introduct...

9.8CVSS7.8AI score0.64352EPSS

Exploits10

BDU FSTEC•added 2025/04/15 12:0 a.m.•1 views

The vulnerability of the SSH client ssh-agent on Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. This vulnerability allows a attacker to execute a “man-in-the-middle” type attack.

The vulnerability of the SSH client ssh-agent on Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” type attack...

9.4CVSS5.8AI score0.00162EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2025/04/10 6:21 a.m.•18 views

CVE-2025-32728

A flaw was found in OpenSSH. In affected versions of sshd, the DisableForwarding directive does not fully adhere to the intended functionality as documented. Specifically, it fails to disable X11 and agent forwarding, which may allow unintended access under certain configurations. Mitigation To...

4.3CVSS6.7AI score0.0022EPSS

Exploits0References4

Redos•added 2024/10/22 12:0 a.m.•31 views

ROS-20241021-07

Vulnerability of ssh-agent of OpenSSH cryptographic protection tool is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service or execute arbitrary code...

7.1CVSS7.7AI score0.00256EPSS

Exploits1

BDU FSTEC•added 2024/10/14 12:0 a.m.•1 views

The vulnerability of the “-Oallow-remote-pkcs11” configuration in the ssh-agent service of OpenSSH for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the -Oallow-remote-pkcs11 configuration in the ssh-agent service of OpenSSH for Windows is related to improper external management of file names or paths. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a malicious DLL library...

7.6CVSS5.9AI score0.04922EPSS

Exploits0References4

Positive Technologies•added 2024/10/08 12:0 a.m.•3 views

PT-2024-6780 · Microsoft · Openssh For Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft OpenSSH for Windows affected versions not specified Description: The issue is related to a configuration vulnerability in the OpenSSH service for Windows, specifically with the -Oallow-remote-pkcs11 option for the ssh-agent...

7.6CVSS7.7AI score0.04922EPSS

Exploits0References9

Tenable Nessus•added 2024/09/10 12:0 a.m.•88 views

NewStart CGSL MAIN 6.02 : openssh Vulnerability (NS-SA-2024-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has openssh packages installed that are affected by a vulnerability: - A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if ...

9.8CVSS8.3AI score0.64352EPSS

Exploits10References3

Tenable Nessus•added 2024/07/05 12:0 a.m.•9 views

Fedora 39 : cockpit (2024-9eb3674b7c)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9eb3674b7c advisory. Automatic update for cockpit-320-1.fc39. Changelog for cockpit Wed Jul 03 2024 Packit - 320-1 - pam-ssh-add: Fix insecure killing of session ssh-agent...

3.2CVSS4.9AI score0.00018EPSS

Exploits0References2

OpenVAS•added 2024/03/05 12:0 a.m.•57 views

CentOS: Security Advisory for openssh (CESA-2023:4382)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.64352EPSS

Exploits10References2

Tenable Nessus•added 2024/02/29 12:0 a.m.•306 views

CentOS 9 : openssh-8.7p1-34.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssh-8.7p1-34.el9 build changelog. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an age...

9.8CVSS7.9AI score0.64352EPSS

Exploits10References2

Redos•added 2024/02/12 12:0 a.m.•50 views

ROS-20240212-01

A vulnerability in the PKCS11 function of the ssh-agent component of the OpenSSH cryptographic security tool is related to the following the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute...

9.8CVSS7.9AI score0.64352EPSS

Exploits10

Tenable Nessus•added 2024/02/08 12:0 a.m.•81 views

CentOS 8 : openssh (CESA-2023:4419)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:4419 advisory. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forward...

9.8CVSS7.9AI score0.64352EPSS

Exploits13References2

Tenable Nessus•added 2024/01/16 12:0 a.m.•64 views

EulerOS Virtualization 2.11.1 : openssh (EulerOS-SA-2023-3057)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

9.8CVSS8AI score0.64352EPSS

Exploits13References2

Tenable Nessus•added 2024/01/16 12:0 a.m.•47 views

EulerOS 2.0 SP8 : openssh (EulerOS-SA-2023-3140)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...

9.8CVSS8AI score0.64352EPSS

Exploits13References2

Tenable Nessus•added 2024/01/16 12:0 a.m.•65 views

EulerOS Virtualization 3.0.6.0 : openssh (EulerOS-SA-2023-3440)

9.8CVSS8AI score0.64352EPSS

Exploits13References2

Tenable Nessus•added 2024/01/16 12:0 a.m.•58 views

EulerOS 2.0 SP9 : openssh (EulerOS-SA-2023-2901)

9.8CVSS8AI score0.64352EPSS

Exploits13References2

Tenable Nessus•added 2024/01/16 12:0 a.m.•60 views

EulerOS 2.0 SP9 : openssh (EulerOS-SA-2023-2882)