Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (47 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1231 1 Ssh 1 Ssh2 2025-04-03 N/A
ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server.
CVE-2001-0361 2 Openbsd, Ssh 2 Openssh, Ssh 2025-04-03 N/A
Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.
CVE-2000-0217 2 Openbsd, Ssh 3 Openssh, Ssh, Ssh2 2025-04-03 N/A
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
CVE-2021-27893 2 Microsoft, Ssh 4 Windows, Tectia Client, Tectia Connectsecure and 1 more 2024-11-21 7.0 High
SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions. ConnectSecure on Windows is affected.
CVE-2021-27892 2 Microsoft, Ssh 4 Windows, Tectia Client, Tectia Connectsecure and 1 more 2024-11-21 7.8 High
SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation. ConnectSecure on Windows is affected.
CVE-2021-27891 2 Microsoft, Ssh 4 Windows, Tectia Client, Tectia Connectsecure and 1 more 2024-11-21 8.8 High
SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected.
CVE-2024-30170 2 Privx, Ssh 2 Privx, Privx 2024-08-12 7.5 High
PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later,