Every CVE whose affected-product data names Simon Tatham Putty, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2016-2563 — CVSS 9.8 (critical): Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to…
CVE-2013-4852 — CVSS 6.8 (medium): Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a…
CVE-2013-4206 — CVSS 6.8 (medium): Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service…
CVE-2013-4207 — CVSS 4.3 (medium): Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature…
CVE-2015-5309 — CVSS 4.3 (medium): Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or…
CVE-2015-2157 — CVSS 2.1 (low): The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from…
CVE-2013-4208 — CVSS 2.1 (low): The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures…