Lucene search
K

84 matches found

Vulnrichment
Vulnrichment
added 2025/10/21 1:25 p.m.9 views

CVE-2025-11625 Host verification bypass and credential leak

Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials...

9.4CVSS6.7AI score0.00413EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.5 views

wolfSSH 安全漏洞

wolfSSH is a small, fast, and portable SSH implementation of wolfSSL open source, including support for SCP and SFTP. A security vulnerability exists in wolfSSH 1.4.20 and earlier versions that stems from improper host authentication and could lead to authentication bypass and client credential...

9.8CVSS6.8AI score0.00413EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.5 views

wolfSSH 安全漏洞

wolfSSH is a small, fast, portable SSH implementation of wolfSSL open source, including support for SCP and SFTP. A security vulnerability exists in wolfSSH that stems from a possible stack buffer overflow when receiving specially crafted packets, which could lead to the execution of arbitrary co...

9.8CVSS7.3AI score0.00334EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-53348

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01546EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27817

Malicious code in bioql PyPI...

9.1CVSS6.6AI score0.00628EPSS
Exploits0References3
Hacker One
Hacker One
added 2025/09/23 3:14 p.m.11 views

curl: CVE-2025-10966: missing SFTP host verification with wolfSSH

Summary: When curl is built with the wolfSSH backend, the SSH/SFTP implementation in lib/vssh/wolfssh.c performs no server host key verification and exposes no host identity options in the curl tool. I verified this locally by building curl with wolfSSH binary reports wolfssh/1.4.20, observing th...

4.3CVSS6.9AI score0.0039EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:55 p.m.8 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.8CVSS7.6AI score0.01546EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/04/08 12:0 a.m.10 views

The vulnerability of the SSH library wolfSSH, related to deficiencies in authentication procedures, allows attackers to circumvent existing security restrictions.

The vulnerability of the SSH library wolfSSH is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...

9.4CVSS5.5AI score0.00628EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2024/03/25 10:37 p.m.13 views

CVE-2024-2873

A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication, resulting in unauthorized access...

9.1CVSS8.9AI score0.00628EPSS
Exploits0References3
OSV
OSV
added 2024/03/25 9:58 p.m.5 views

CVE-2024-2873 User authentication bypass in wolfSSH server

A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication, resulting in unauthorized access...

9.1CVSS5.9AI score0.00628EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/03/25 9:58 p.m.20 views

CVE-2024-2873 User authentication bypass in wolfSSH server

A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication, resulting in unauthorized access...

9.1CVSS9AI score0.00628EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/25 9:58 p.m.12 views

CVE-2024-2873 User authentication bypass in wolfSSH server

A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication, resulting in unauthorized access...

9.1CVSS7AI score0.00628EPSS
Exploits0References3
CVE
CVE
added 2024/03/25 9:58 p.m.53 views

CVE-2024-2873

CVE-2024-2873 affects wolfSSH’s server-side state machine prior to 1.4.17. A malicious client could create channels without first authenticating, resulting in unauthorized access (confidentiality and integrity impact reported; availability not affected). Affected: wolfSSH versions before 1.4.17. ...

9.1CVSS8.9AI score0.00628EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/03/25 12:0 a.m.3 views

wolfSSH 安全漏洞

wolfSSH is a small, fast, and portable implementation of SSH, including support for SCP and SFTP. A security vulnerability exists in wolfSSH versions prior to 1.4.17. An attacker could use this vulnerability to create a channel without first performing user authentication, which could lead to...

9.1CVSS6.5AI score0.00628EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/06/02 12:0 a.m.6 views

PT-2023-35855 · Wolfssh · Wolfssh

Name of the Vulnerable Software and Affected Versions: wolfSSH affected versions not specified Description: The issue is related to a heap buffer overflow, which can cause a crash. The crash occurs in the wolfSSH shutdown function, specifically when handling a BundlePacket and SendChannelExit...

7AI score
Exploits0References2
NVD
NVD
added 2022/07/13 4:15 p.m.16 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.8CVSS0.01546EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/13 4:15 p.m.2 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.8CVSS8.7AI score0.01546EPSS
Exploits0References2
Prion
Prion
added 2022/07/13 4:15 p.m.11 views

Integer overflow

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

7.5CVSS9.7AI score0.01546EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/13 3:29 p.m.18 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.9AI score0.01546EPSS
Exploits0References1
OSV
OSV
added 2022/07/13 3:29 p.m.12 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.8CVSS7.6AI score0.01546EPSS
Exploits0References3
Rows per page
Query Builder