| Max CVSS | 7.5 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-6563 | 1.9 |
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjun
|
13-12-2022 - 12:15 | 24-08-2015 - 01:59 | |
| CVE-2015-6564 | 6.9 |
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MON
|
13-12-2022 - 12:15 | 24-08-2015 - 01:59 | |
| CVE-2015-5352 | 4.3 |
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictio
|
13-12-2022 - 12:15 | 03-08-2015 - 01:59 | |
| CVE-2016-1908 | 7.5 |
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding
|
13-12-2022 - 12:15 | 11-04-2017 - 18:59 |