Every CVE whose affected-product data names Ssh, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2001-0144 — CVSS 10.0 (critical): CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an…
CVE-1999-0248 — CVSS 10.0 (critical): A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
CVE-1999-0013 — CVSS 8.4 (high): Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent…
CVE-2011-0766 — CVSS 7.8 (high): The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before…
CVE-2001-0572 — CVSS 7.5 (high): The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote…
CVE-2001-1476 — CVSS 7.5 (high): SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote attackers to guess…
CVE-2001-1473 — CVSS 7.5 (high): The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by…
CVE-2001-0471 — CVSS 7.5 (high): SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to…
CVE-2001-1475 — CVSS 7.5 (high): SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is…
CVE-2000-0575 — CVSS 7.2 (high): SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who…
CVE-2002-1715 — CVSS 7.2 (high): SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to…
CVE-2023-48795 — CVSS 5.9 (medium): The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to…
CVE-2000-0217 — CVSS 5.1 (medium): The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious…
CVE-2000-0992 — CVSS 5.0 (medium): Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot…
CVE-2001-1469 — CVSS 5.0 (medium): The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic…
CVE-2001-1470 — CVSS 5.0 (medium): The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to…
CVE-2001-1474 — CVSS 5.0 (medium): SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections…
CVE-1999-0398 — CVSS 4.6 (medium): In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
CVE-2000-0143 — CVSS 4.6 (medium): The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard…
CVE-2001-0361 — CVSS 4.0 (medium): Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain…
CVE-2001-0259 — CVSS 3.6 (low): ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user…