CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

82 matches found

CNNVD•added 2025/10/21 12:0 a.m.•1 views

wolfSSH 安全漏洞

wolfSSH is a small, fast, and portable SSH implementation of wolfSSL open source, including support for SCP and SFTP. A security vulnerability exists in wolfSSH 1.4.20 and earlier versions that stems from improper host authentication and could lead to authentication bypass and client credential...

9.8CVSS6.8AI score0.00067EPSS

Exploits0References1

CNNVD•added 2025/10/21 12:0 a.m.•2 views

wolfSSH 安全漏洞

wolfSSH is a small, fast, portable SSH implementation of wolfSSL open source, including support for SCP and SFTP. A security vulnerability exists in wolfSSH that stems from a possible stack buffer overflow when receiving specially crafted packets, which could lead to the execution of arbitrary co...

9.8CVSS7.3AI score0.0006EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-53348

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01344EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-27817

Malicious code in bioql PyPI...

9.1CVSS6.6AI score0.00349EPSS

Exploits0References3

Hacker One•added 2025/09/23 3:14 p.m.•8 views

curl: CVE-2025-10966: missing SFTP host verification with wolfSSH

Summary: When curl is built with the wolfSSH backend, the SSH/SFTP implementation in lib/vssh/wolfssh.c performs no server host key verification and exposes no host identity options in the curl tool. I verified this locally by building curl with wolfSSH binary reports wolfssh/1.4.20, observing th...

4.3CVSS6.9AI score0.00033EPSS

Exploits1

RedhatCVE•added 2025/05/22 10:55 p.m.•6 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.8CVSS7.6AI score0.01344EPSS

Exploits0References1

OSV•added 2024/03/25 10:37 p.m.•2 views

CVE-2024-2873

A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication, resulting in unauthorized access...

9.1CVSS6.4AI score

Exploits0References3

NVD•added 2024/03/25 10:37 p.m.•6 views

CVE-2024-2873

9.1CVSS8.9AI score0.00349EPSS

Exploits0References3

Cvelist•added 2024/03/25 9:58 p.m.•11 views

CVE-2024-2873 User authentication bypass in wolfSSH server

9.1CVSS9AI score0.00349EPSS

Exploits0References3

Vulnrichment•added 2024/03/25 9:58 p.m.•8 views

CVE-2024-2873 User authentication bypass in wolfSSH server

9.1CVSS7AI score0.00349EPSS

Exploits0References3

CVE•added 2024/03/25 9:58 p.m.•47 views

CVE-2024-2873

CVE-2024-2873 affects wolfSSH’s server-side state machine prior to 1.4.17. A malicious client could create channels without first authenticating, resulting in unauthorized access (confidentiality and integrity impact reported; availability not affected). Affected: wolfSSH versions before 1.4.17. ...

9.1CVSS8.9AI score0.00349EPSS

Exploits0References3Affected Software1

CNNVD•added 2024/03/25 12:0 a.m.•2 views

wolfSSH 安全漏洞

wolfSSH is a small, fast, and portable implementation of SSH, including support for SCP and SFTP. A security vulnerability exists in wolfSSH versions prior to 1.4.17. An attacker could use this vulnerability to create a channel without first performing user authentication, which could lead to...

9.1CVSS6.5AI score0.00349EPSS

Exploits0References4

Positive Technologies•added 2023/06/02 12:0 a.m.•2 views

PT-2023-35855 · Wolfssh · Wolfssh

Name of the Vulnerable Software and Affected Versions: wolfSSH affected versions not specified Description: The issue is related to a heap buffer overflow, which can cause a crash. The crash occurs in the wolfSSH shutdown function, specifically when handling a BundlePacket and SendChannelExit...

7AI score

Exploits0References2

ATTACKERKB•added 2022/07/13 4:15 p.m.•2 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.8CVSS8.7AI score0.01344EPSS

Exploits0References2

OSV•added 2022/07/13 4:15 p.m.•10 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.8CVSS7.6AI score

Exploits0References1

NVD•added 2022/07/13 4:15 p.m.•10 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.8CVSS0.01344EPSS

Exploits0References1

Prion•added 2022/07/13 4:15 p.m.•9 views

Integer overflow

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

7.5CVSS9.7AI score0.01344EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/07/13 3:29 p.m.•13 views

CVE-2022-32073

WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSHSFTPRecvRMDIR...

9.9AI score0.01344EPSS

Exploits0References1

CVE•added 2022/07/13 3:29 p.m.•62 views

CVE-2022-32073

WolfSSH v1.4.7 contains an integer overflow in the function wolfSSH_SFTP_RecvRMDIR (CVE-2022-32073). The issue is documented across multiple sources (NVD, CVE records, and vendor pages) as a vulnerability arising from an integer overflow in the SFTP RMDIR handling path. No exploit details are pro...

9.8CVSS9.6AI score0.01344EPSS

Exploits0References1Affected Software1

CNNVD•added 2022/07/13 12:0 a.m.•2 views

wolfSSH 输入验证错误漏洞

wolfSSH is a small, fast, and portable SSH implementation that includes support for SCP and SFTP. A security vulnerability exists in wolfSSH v1.4.7, which stems from an integer overflow in its function wolfSSHSFTPRecvRMDIR...

9.8CVSS8.3AI score0.01344EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by