Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (29 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2001-1476 1 Ssh 1 Ssh 2025-04-03 N/A
SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote attackers to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on whether the guess is correct or not.
CVE-2002-1644 1 Ssh 1 Ssh2 2025-04-03 N/A
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.
CVE-2002-1645 1 Ssh 1 Ssh2 2025-04-03 N/A
Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL.
CVE-2002-1715 1 Ssh 2 Ssh, Ssh2 2025-04-03 N/A
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
CVE-2001-0471 1 Ssh 1 Ssh 2025-04-03 N/A
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack.
CVE-1999-0310 1 Ssh 1 Ssh 2025-04-03 N/A
SSH 1.2.25 on HP-UX allows access to new user accounts.
CVE-1999-0398 1 Ssh 2 Ssh, Ssh2 2025-04-03 N/A
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
CVE-1999-0787 1 Ssh 1 Ssh 2025-04-03 N/A
The SSH authentication agent follows symlinks via a UNIX domain socket.
CVE-1999-1029 1 Ssh 1 Ssh2 2025-04-03 N/A
SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.