SSH Communications Security
Products
5- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47857 | Cri | 0.64 | 9.8 | 0.00 | Jan 31, 2025 | SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on public key signatures when using native SSH connections via a proxy port. This allows an existing PrivX "account A" to impersonate another existing PrivX "account B" and gain access… | ||
| CVE-2001-0144 | 0.07 | — | 0.53 | Mar 12, 2001 | CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. | |||
| CVE-2006-4316 | 0.00 | — | 0.00 | Aug 23, 2006 | SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the… | |||
| CVE-2005-2146 | 0.00 | — | 0.00 | Jul 5, 2005 | SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server. | |||
| CVE-1999-1010 | 0.00 | — | 0.00 | Dec 14, 1999 | An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. | |||
| CVE-1999-0398 | 0.00 | — | 0.00 | Jan 1, 1999 | In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login. |
- risk 0.64cvss 9.8epss 0.00
SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on public key signatures when using native SSH connections via a proxy port. This allows an existing PrivX "account A" to impersonate another existing PrivX "account B" and gain access…
- CVE-2001-0144Mar 12, 2001risk 0.07cvss —epss 0.53
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
- CVE-2006-4316Aug 23, 2006risk 0.00cvss —epss 0.00
SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the…
- CVE-2005-2146Jul 5, 2005risk 0.00cvss —epss 0.00
SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server.
- CVE-1999-1010Dec 14, 1999risk 0.00cvss —epss 0.00
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
- CVE-1999-0398Jan 1, 1999risk 0.00cvss —epss 0.00
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.