Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Libssh2 Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3859 5 Debian, Fedoraproject, Libssh2 and 2 more 5 Debian Linux, Fedora, Libssh2 and 2 more 2019-07-25 6.4 MEDIUM 9.1 CRITICAL
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3858 5 Debian, Fedoraproject, Libssh2 and 2 more 5 Debian Linux, Fedora, Libssh2 and 2 more 2019-04-15 6.4 MEDIUM 9.1 CRITICAL
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3860 4 Debian, Libssh2, Netapp and 1 more 4 Debian Linux, Libssh2, Ontap Select Deploy Administration Utility and 1 more 2019-04-15 6.4 MEDIUM 9.1 CRITICAL
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3861 4 Debian, Libssh2, Netapp and 1 more 4 Debian Linux, Libssh2, Ontap Select Deploy Administration Utility and 1 more 2019-04-15 6.4 MEDIUM 9.1 CRITICAL
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3862 5 Debian, Fedoraproject, Libssh2 and 2 more 5 Debian Linux, Fedora, Libssh2 and 2 more 2019-04-15 6.4 MEDIUM 9.1 CRITICAL
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.