A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepki_verify_data_signature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the...
6.5CVSS
7AI Score
0.001EPSS
A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of...
6.5CVSS
6.6AI Score
0.001EPSS
A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is...
6.5CVSS
7.3AI Score
0.006EPSS
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns...
5.9CVSS
7.3AI Score
0.005EPSS