Openssh Security Vulnerabilities and Issues — Openssh CVE List

Lucene search

OpenbsdOpenssh

10 matches found

CVE•added 2014/12/06 3:59 p.m.•3128 views

CVE-2014-9278

The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would for...

4CVSS5.7AI score0.00295EPSS

CVE•added 2011/03/02 8:0 p.m.•1708 views

CVE-2010-4755

The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted gl...

4CVSS5AI score0.12495EPSS

CVE•added 2015/08/03 1:59 a.m.•1472 views

CVE-2015-5352

The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time...

4.3CVSS4.5AI score0.05153EPSS

CVE•added 2025/04/10 2:15 a.m.•1207 views

CVE-2025-32728

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

4.3CVSS6.9AI score0.00027EPSS

CVE•added 2007/05/21 8:30 p.m.•1154 views

CVE-2007-2768

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

4.3CVSS9.4AI score0.00399EPSS

CVE•added 2001/09/18 4:0 a.m.•186 views

CVE-2001-0361

Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.

4CVSS9.2AI score0.01308EPSS

CVE•added 2006/01/25 11:3 a.m.•159 views

CVE-2006-0225

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

4.6CVSS9.2AI score0.00082EPSS

CVE•added 2007/10/18 8:17 p.m.•99 views

CVE-2007-3102

Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party informati...

4.3CVSS8.7AI score0.02397EPSS

CVE•added 2000/02/16 5:0 a.m.•65 views

CVE-2000-0143

The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.

4.6CVSS6.6AI score0.00076EPSS

CVE•added 2004/08/18 4:0 a.m.•64 views

CVE-2004-0175

Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.

4.3CVSS9.4AI score0.02826EPSS