| Max CVSS | 7.5 | Min CVSS | 5.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-1692 | 7.5 |
The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption
|
13-02-2023 - 00:38 | 29-01-2014 - 16:02 | |
| CVE-2013-4548 | 6.0 |
The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended Force
|
09-10-2019 - 23:08 | 08-11-2013 - 15:55 | |
| CVE-2014-2532 | 5.8 |
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
|
19-07-2018 - 01:29 | 18-03-2014 - 05:18 | |
| CVE-2014-2653 | 5.8 |
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
|
07-01-2017 - 02:59 | 27-03-2014 - 10:55 |