Every CVE whose affected-product data names Ssh Ssh2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2002-1645 — CVSS 10.0 (critical): Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute…
CVE-1999-1029 — CVSS 7.5 (high): SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries…
CVE-2002-1644 — CVSS 7.2 (high): SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid…
CVE-2002-1715 — CVSS 7.2 (high): SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to…
CVE-2000-0217 — CVSS 5.1 (medium): The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious…
CVE-2001-0364 — CVSS 5.0 (medium): SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous…
CVE-1999-1231 — CVSS 5.0 (medium): ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts…
CVE-1999-0398 — CVSS 4.6 (medium): In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
CVE-1999-1159 — CVSS 4.6 (medium): SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root.