Lucene search
K

25 matches found

CVE
CVE
added 2023/07/20 12:0 a.m.36643 views

CVE-2023-38408

The CVE-2023-38408 issue affects OpenSSH’s ssh-agent PKCS#11 support, where an insufficiently trustworthy search path (notably code loaded from /usr/lib) enables remote code execution when an agent is forwarded to an attacker-controlled system; this stems from an incomplete fix for CVE-2016-10009...

9.8CVSS8.3AI score0.76768EPSS
Web
CVE
CVE
added 2020/07/24 12:0 a.m.30708 views

CVE-2020-15778

The CVE-2020-15778 entry covers a command-injection flaw in scp within OpenSSH up to version 8.3p1. The vulnerability resides in scp.c toremote, enabling arbitrary command execution when a destination argument contains backtick characters; the vendor notes they intentionally forgo validating anom...

7.8CVSS7.8AI score0.12996EPSS
CVE
CVE
added 2017/10/26 12:0 a.m.10788 views

CVE-2017-15906

OpenSSH OpenSSH sftp-server.c contains a write-blocking flaw in readonly mode that can let an attacker create zero-length files. Specifically, the process_open function in sftp-server.c mishandles write operations when in read-only mode, affecting OpenSSH versions prior to 7.6. The vulnerability ...

5.3CVSS5.5AI score0.03359EPSS
CVE
CVE
added 2022/03/12 11:24 p.m.8931 views

CVE-2021-36368

OpenSSH CVE-2021-36368 affects OpenSSH before 8.9. If a client uses public-key authentication with agent forwarding but not -oLogLevel=verbose, and a server is silently modified to support None authentication, the user cannot reliably tell if FIDO authentication will confirm the intended connecti...

3.7CVSS4.2AI score0.01677EPSS
CVE
CVE
added 2024/07/01 12:37 p.m.7828 views

CVE-2024-6387

CVE-2024-6387 is a remote code-execution vulnerability in OpenSSH’s server (sshd) caused by a race condition in a signal handler that may run after a client fails to authenticate within LoginGraceTime. The issue is exploitable by an unauthenticated, remote attacker on glibc-based Linux systems, p...

8.1CVSS8.5AI score0.99506EPSS
In wild
CVE
CVE
added 2023/12/18 12:0 a.m.5273 views

CVE-2023-51385

OpenSSH CVE-2023-51385: OS command injection can occur when a username or hostname containing shell metacharacters is used in expansion tokens, e.g., in untrusted repositories. Affected: OpenSSH up to version

6.5CVSS7.1AI score0.19753EPSS
Web
CVE
CVE
added 2023/12/18 12:0 a.m.4949 views

CVE-2023-48795

CVE-2023-48795 is referenced across several connected advisories, detailing affected packages and required upgrades. Astra Linux/CBL-Mariner entries note: podman (<5.6.1-2) needs upgrade, erlang (<25.2-1), libssh2 (<1.11.1-1), libssh (<0.10.6-1), terraform (<1.3.2-25), kubevirt (&l...

5.9CVSS6.7AI score0.93305EPSS
CVE
CVE
added 2018/01/21 10:0 p.m.4218 views

CVE-2016-10708

OpenSSH sshd before 7.4 is vulnerable to a denial of service caused by a NULL pointer dereference when processing an out-of-sequence NEWKEYS message (kex.c/packet.c). This affects the OpenSSH server; exploitation leads to daemon crash as demonstrated by Honggfuzz. Affected products include OpenSS...

7.5CVSS5.9AI score0.15716EPSS
CVE
CVE
added 2008/08/27 8:0 p.m.2990 views

CVE-2008-3844

CVE-2008-3844 corresponds to tampered Red Hat OpenSSH packages from August 2008 signed with a Red Hat key. The Trojan-Horse modification was introduced in certain RHEL 4/5 OpenSSH packages and its impact remains unknown; distribution was limited to unofficial channels, with no known official Red ...

9.3CVSS6.1AI score0.02674EPSS
CVE
CVE
added 2023/12/24 12:0 a.m.2613 views

CVE-2023-51767

CVE-2023-51767 — IBM’s connected bulletin confirms a vulnerability mapped to the OpenSSH/OpenSSH-derived issue in OpenSSH up to version 10.0, where row hammer attacks on common DRAM types could enable authentication bypass. Root cause per the bulletin: the integer value of authenticated in mm_ans...

7CVSS6AI score0.00661EPSS
CVE
CVE
added 2017/04/11 12:0 a.m.2262 views

CVE-2016-1908

OpenSSH CVE-2016-1908 affects the OpenSSH client before 7.2, where cookie generation for untrusted X11 forwarding can be mishandled when the local X server lacks the SECURITY extension. This could allow remote X11 clients to trigger a fallback to trusted forwarding, bypassing intended access cont...

9.8CVSS9AI score0.13736EPSS
CVE
CVE
added 2026/04/02 5:8 p.m.1997 views

CVE-2026-35414

OpenSSH CVE-2026-35414 affects OpenSSH before 10.3, where the authorized_keys principals option can be mishandled when a CA uses comma characters in a multi-principal scenario. Multiple connected advisories (IBM AIX advisory, Debian DLA, AlmaLinux/Almalinux, CloudLinux, and Amazon Linux ALAS entr...

8.1CVSS5.8AI score0.00176EPSS
CVE
CVE
added 2007/05/21 8:0 p.m.1258 views

CVE-2007-2768

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, can leak whether a target user exists by returning different responses if the account is configured for OTP. This is described for CVE-2007-2768 (OpenSSH 4.6 and earlier) and is related to CVE-2007-2243 in the IBM bulletin, whic...

4.3CVSS9.4AI score0.08654EPSS
CVE
CVE
added 2026/04/02 4:30 p.m.1121 views

CVE-2026-35385

OpenSSH before 10.3 is affected. When using scp as root with -O (legacy protocol) and without -p, a downloaded file may be installed setuid or setgid, contrary to user expectations. This could enable privilege elevation per the cited advisories. Remediation: upgrade to OpenSSH 10.3p1 or later (as...

8.1CVSS5.8AI score0.00419EPSS
CVE
CVE
added 2026/04/02 4:57 p.m.528 views

CVE-2026-35388

OpenSSH (before 10.3) is affected by a vulnerability in proxy-mode multiplexing where the system omits connection multiplexing confirmation for multiplexing sessions. The issue is tied to OpenSSH’s proxy-mode multiplexing behavior and is described as a flaw in the handling of multiplexing confirm...

2.5CVSS5.8AI score0.0013EPSS
CVE
CVE
added 2026/04/02 4:52 p.m.364 views

CVE-2026-35387

OpenSSH before 10.3 is affected by CVE-2026-35387: when listing any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms, the client/server may misinterpret this as enabling all ECDSA algorithms. The result is the unintended use of ECDSA keys, with confidentiality impact lis...

6.5CVSS5.9AI score0.00237EPSS
CVE
CVE
added 2003/05/02 12:0 a.m.293 views

CVE-2003-0190

CVE-2003-0190 affects OpenSSH-portable/OpenSSH 3.6.1p1 and earlier with PAM enabled. The vulnerability is a timing side‑channel: when a login attempts with a non-existent username, an error is returned immediately, allowing remote attackers to determine valid usernames. This is an information dis...

5CVSS6.3AI score0.76751EPSS
CVE
CVE
added 2026/07/08 12:17 a.m.167 views

CVE-2026-60002

Summary (CVE-2026-60002): OpenSSH

9.4CVSS6AI score0.00263EPSS
CVE
CVE
added 2026/07/08 12:4 a.m.115 views

CVE-2026-59995

OpenSSH sftp (client) vulnerability CVE-2026-59995 affects OpenSSH versions older than 10.4. The issue arises when using SFTP with an attacker-controlled server and the command "sftp server:/path .", where the client does not properly constrain the location where downloaded files can be placed. T...

5.4CVSS6AI score0.00241EPSS
CVE
CVE
added 2026/07/08 12:9 a.m.86 views

CVE-2026-59997

The CVE affects OpenSSH’s internal-sftp helper invoked by sshd, where the process only parses the first 9 command-line arguments. This is tied to OpenSSH before version 10.4. According to the description, this could undermine intended security properties of an SFTP connection if a later argument ...

5.4CVSS6AI score0.00177EPSS
CVE
CVE
added 2026/07/08 12:7 a.m.80 views

CVE-2026-59996

OpenSSH SCP flaw: OpenSSH versions before 10.4 allow a file to be placed in the parent directory of the target when copying between two remote destinations. Root cause is described in the OpenSSH release notes; remediation is to upgrade to OpenSSH 10.4p1 or later (fixed in 10.4p1). No exploit det...

5.4CVSS6AI score0.00241EPSS
CVE
CVE
added 2026/07/08 12:13 a.m.52 views

CVE-2026-59999

CVE-2026-59999 affects OpenSSH sshd prior to 10.4, where the intended precedence of DisableForwarding=yes over PermitTunnel=yes did not hold. The available documents confirm the root cause is an ordering/precedence bug in sshd, but do not provide concrete details on affected product versions beyo...

7.5CVSS5.9AI score0.0014EPSS
CVE
CVE
added 2026/07/08 12:14 a.m.52 views

CVE-2026-60000

CVE-2026-60000 affects OpenSSH sshd prior to 10.4. The vulnerability arises from mishandling MaxAuthTries for GSSAPIAuthentication, enabling a remote attacker to cause denial of service via resource exhaustion from excessive authentication attempts. Impact is a server-wide DoS (availability loss)...

7.5CVSS6AI score0.00407EPSS
CVE
CVE
added 2026/07/08 12:11 a.m.40 views

CVE-2026-59998

OpenSSH sshd (CVE-2026-59998) affects builds before 10.4. The issue is an undocumented security-relevant behavior where GSSAPIStrictAcceptorCheck has no value when the server runs in Windows Active Directory. CVSS v3.1 base score 4.8 (Medium) and impact on confidentiality/integrity (Low) with net...

6.5CVSS5.9AI score0.00179EPSS
CVE
CVE
added 2026/07/08 12:16 a.m.33 views

CVE-2026-60001

Technical details are not publicly available in the provided documents for CVE-2026-60001. Monitor for updates.

6.5CVSS5.9AI score0.00265EPSS