Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Openssh Number Of NVD 113 CRITICAL 5 HIGH 44 MEDIUM 53 LOW 11
URL https://www.openssh.com/
Explanation It is an SSH implementation developed by the OpenBSD project and used on many Unix and Linux systems.
It can also be used on Windows, as the OpenSSH client can be easily installed.
Tag
  • BSD License
  • オープンソース
Add Information URL
No Type Name URL
1 https://anongit.mindrot.org/openssh
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
101 OpenSSH 9 9.9p2 Feb. 18, 2025 April 8, 2022 2 2 5 0
102 OpenSSH 8 8.9 Feb. 23, 2022 April 17, 2019 2 7 6 1
103 OpenSSH 7 OpenSSH 7.9 Oct. 19, 2018 Aug. 11, 2015 2 12 17 1
104 OpenSSH 6 OpenSSH 6.9 July 1, 2015 April 22, 2012 2 14 23 2
105 OpenSSH 5 OpenSSH 5.9 Sept. 6, 2011 April 3, 2008 2 12 22 6
106 OpenSSH 4 OpenSSH 4.9 March 31, 2008 March 9, 2005 2 18 30 9
107 OpenSSH 3 OpenSSH 3.9 Aug. 18, 2004 Nov. 6, 2001 4 28 30 7
108 OpenSSH 8.4 8.4 1 3 5 1
109 OpenSSH 8.3 8.3 1 4 5 1
110 OpenSSH 8.2 8.2 1 5 5 1
111 OpenSSH 8.1 8.1 1 3 5 1
112 OpenSSH 8.0 8.0 1 4 5 1
113 OpenSSH 7.9 7.9 1 4 9 1
114 OpenSSH 7.8 7.8 1 4 10 1
115 OpenSSH 7.7 7.7 1 4 11 1
116 OpenSSH 7.6 7.6 1 3 11 1
117 OpenSSH 7.5 7.5 1 3 12 1
118 OpenSSH 7.4 7.4 1 3 12 1
119 OpenSSH 7.3 7.3 1 8 13 1
120 OpenSSH 7.2 7.2p2 March 10, 2016 1 10 15 1
121 OpenSSH 7.1 7.1p2 Jan. 14, 2016 2 11 17 1
122 OpenSSH 7.0 7.0 2 11 17 1
123 OpenSSH 6.9 6.9 2 13 18 2
124 OpenSSH 6.8 6.8 2 13 19 2
125 OpenSSH 6.7 6.7 2 11 17 2
126 OpenSSH 6.6 6.6 2 11 18 2
127 OpenSSH 6.5 6.5 2 11 19 2
128 OpenSSH 6.4 6.4 2 12 19 2
129 OpenSSH 6.3 6.3 2 12 20 2
130 OpenSSH 6.2 6.2p2 May 16, 2013 2 12 20 2
131 OpenSSH 6.1 6.1 2 11 20 2
132 OpenSSH 6.0 6.0 2 11 20 2
133 OpenSSH 5.9 5.9 2 11 20 2
134 OpenSSH 5.8p2 5.8p2 2 10 19 2
135 OpenSSH 5.8 5.8p2 May 3, 2011 2 11 20 4
136 OpenSSH 5.7 5.7 2 11 21 4
137 OpenSSH 5.6 5.6 2 12 20 5
138 OpenSSH 5.5 5.5 2 12 19 5
139 OpenSSH 5.4 5.4 2 12 19 5
140 OpenSSH 5.3 5.3 2 11 19 5
141 OpenSSH 5.2 5.2 2 11 19 5
142 OpenSSH 5.1 5.1 2 11 19 5
143 OpenSSH 5.0 5.0 2 11 19 6
144 OpenSSH 4.9 4.9 2 11 19 6
145 OpenSSH 4.8 4.8 2 11 21 6
146 OpenSSH 4.7p1 4.7p1 2 11 18 7
147 OpenSSH 4.7 4.7 2 11 20 7
148 OpenSSH 4.6 4.6 2 12 21 6
149 OpenSSH 4.5 4.5 2 14 22 7
150 OpenSSH 4.4p1 4.4p1 2 12 21 6
151 OpenSSH 4.4 4.4 2 15 21 6
152 OpenSSH 4.3p2 4.3p2 2 12 22 6
153 OpenSSH 4.3p1 4.3p1 2 13 21 6
154 OpenSSH 4.3 4.3p2 Feb. 11, 2006 2 16 24 6
155 OpenSSH 4.2p1 4.2p1 2 13 22 6
156 OpenSSH 4.2 4.2 2 16 22 6
157 OpenSSH 4.1p1 4.1p1 2 13 23 6
158 OpenSSH 4.1 4.1 2 16 23 7
159 OpenSSH 4.0p1 4.0p1 2 13 23 6
160 OpenSSH 4.0 4.0 2 16 25 6
161 OpenSSH 3.9 3.9.1p1 2 16 24 7
162 OpenSSH 3.8 3.8.1p1 2 16 25 7
163 OpenSSH 3.7 3.7.1p2 2 21 25 7
164 OpenSSH 3.6 3.6.1p2 2 21 26 7
165 OpenSSH 3.5p1 3.5p1 2 17 24 7
166 OpenSSH 3.5 3.5 2 20 26 7
167 OpenSSH 3.4p1 3.4p1 2 17 24 7
168 OpenSSH 3.4 3.4 2 20 26 7
169 OpenSSH 3.3p1 3.3p1 2 18 24 7
170 OpenSSH 3.3 3.3 3 21 26 7
171 OpenSSH 3.2 3.2.3p1 3 23 26 7
172 OpenSSH 3.1p1 3.1p1 2 18 24 7
173 OpenSSH 3.1 3.1 3 22 26 7
174 OpenSSH 3.0p1 3.0p1 2 19 24 7
175 OpenSSH 3.0 3.0.2p1 4 24 27 7
176 OpenSSH 2.9p2 2.9p2 4 23 23 6
177 OpenSSH 2.9p1 2.9p1 4 23 23 6
178 OpenSSH 2.9 2.9p2 June 17, 2001 3 27 24 6
179 OpenSSH 2.5 2.5.2p2 March 22, 2001 3 27 24 6
180 OpenSSH 2.3 2.3.0p1 Nov. 6, 2000 3 27 25 6
181 OpenSSH 2.2 2.2.0p1 Sept. 1, 2000 3 29 24 6
182 OpenSSH 2.1 2.1.1p4 July 16, 2000 3 29 25 6
183 OpenSSH 2 OpenSSH 2.9.9 Sept. 25, 2001 4 30 26 6
184 OpenSSH 1.5 1.5.8 2 23 22 6
185 OpenSSH 1.3 1.3 2 23 22 6
186 OpenSSH 1.2 1.2.3p1 March 24, 2000 2 27 28 7
187 OpenSSH 1 OpenSSH 1.2.3p1 March 24, 2000 2 27 28 7
188 OpenSSH - - 2 22 24 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
101 -
2.1 		LOW libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabiliti… NVD-CWE-Other
CVE-2001-1029 cpe:2.3:a:openbsd:openssh:4.5:* 2017-10-10 10:29
2001-09-20 		Show GitHub Exploit DB Packet Storm
102 -
7.5 		HIGH The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) pass… NVD-CWE-Other
CVE-2001-0572 cpe:2.3:a:openbsd:openssh:4.5:* 2008-09-6 05:24
2001-08-22 		Show GitHub Exploit DB Packet Storm
103 -
7.2 		HIGH OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack. NVD-CWE-Other
CVE-2001-0529 cpe:2.3:a:openbsd:openssh:*:* 2.9 2017-10-10 10:29
2001-08-14 		Show GitHub Exploit DB Packet Storm
104 -
4.0 		MEDIUM Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or al… CWE-310
Cryptographic Issues 		CVE-2001-0361 cpe:2.3:a:openbsd:openssh:2.1:*
cpe:2.3:a:openbsd:openssh:2.1.1:*
cpe:2.3:a:openbsd:openssh:1.2.3:* 		2018-05-3 10:29
2001-06-27 		Show GitHub Exploit DB Packet Storm
105 -
7.5 		HIGH OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam… NVD-CWE-Other
CVE-2001-1459 cpe:2.3:a:openbsd:openssh:2.9:*
cpe:2.3:a:openbsd:openssh:2.5:*
cpe:2.3:a:openbsd:openssh:2.5.2:*
cpe:2.3:a:op… 		2017-07-11 10:29
2001-06-19 		Show GitHub Exploit DB Packet Storm
106 -
10.0 		HIGH CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. NVD-CWE-Other
CVE-2001-0144 cpe:2.3:a:openbsd:openssh:2.2:*
cpe:2.3:a:openbsd:openssh:2.1:*
cpe:2.3:a:openbsd:openssh:2.1.1:*
cpe:2.3:a:op… 		2018-05-3 10:29
2001-03-12 		Show GitHub Exploit DB Packet Storm
107 -
7.5 		HIGH OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to t… NVD-CWE-Other
CVE-2000-1169 cpe:2.3:a:openbsd:openssh:2.2:* 2017-10-10 10:29
2001-01-9 		Show GitHub Exploit DB Packet Storm
108 -
5.0 		MEDIUM Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. NVD-CWE-Other
CVE-2000-0992 cpe:2.3:a:openbsd:openssh:1.2:*
cpe:2.3:a:openbsd:openssh:1.2.3:* 		2018-05-3 10:29
2000-12-19 		Show GitHub Exploit DB Packet Storm
109 -
10.0 		HIGH Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges. NVD-CWE-Other
CVE-2000-0999 cpe:2.3:a:openbsd:openssh:4.5:* 2008-09-6 05:22
2000-12-11 		Show GitHub Exploit DB Packet Storm
110 -
10.0 		HIGH OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon. NVD-CWE-Other
CVE-2000-0525 cpe:2.3:a:openbsd:openssh:2.1:*
cpe:2.3:a:openbsd:openssh:1.2:*
cpe:2.3:a:openbsd:openssh:1.2.3:* 		2017-10-10 10:29
2000-06-8 		Show GitHub Exploit DB Packet Storm