Vulnerabilities (CVE)

Vendor filter

Ssh Subscribe

Product filter

Ssh2 Subscribe

Filter

7 total CVE
CVE Vendors Products Updated CVSS
CVE-1999-1231 1 Ssh 1 Ssh2 2017-12-19 5.0
ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on...
CVE-2001-0364 1 Ssh 1 Ssh2 2017-10-10 5.0
SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous connections.
CVE-1999-1159 1 Ssh 1 Ssh2 2017-10-10 4.6
SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root.
CVE-2002-1715 1 Ssh 2 Ssh, Ssh2 2017-07-11 7.2
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
CVE-2002-1644 1 Ssh 1 Ssh2 2017-07-11 7.2
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain...
CVE-2000-0217 2 Ssh, Openbsd 3 Openssh, Ssh, Ssh2 2008-09-10 5.1
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
CVE-1999-0398 1 Ssh 2 Ssh, Ssh2 2008-09-09 4.6
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.