Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Openssh Number Of NVD 124 CRITICAL 6 HIGH 46 MEDIUM 60 LOW 12
URL https://www.openssh.com/
Explanation It is an SSH implementation developed by the OpenBSD project and used on many Unix and Linux systems.
It can also be used on Windows, as the OpenSSH client can be easily installed.
Tag
  • BSD License
  • オープンソース

Add Information URL
No Type Name URL
1 https://anongit.mindrot.org/openssh

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
111 OpenSSH 9 9.9p2 Feb. 18, 2025 April 8, 2022 3 4 10 0
112 OpenSSH 8 8.9 Feb. 23, 2022 April 17, 2019 3 9 11 1
113 OpenSSH 7 OpenSSH 7.9 Oct. 19, 2018 Aug. 11, 2015 3 14 22 1
114 OpenSSH 6 OpenSSH 6.9 July 1, 2015 April 22, 2012 3 16 28 2
115 OpenSSH 5 OpenSSH 5.9 Sept. 6, 2011 April 3, 2008 3 14 27 6
116 OpenSSH 4 OpenSSH 4.9 March 31, 2008 March 9, 2005 3 20 35 9
117 OpenSSH 3 OpenSSH 3.9 Aug. 18, 2004 Nov. 6, 2001 5 30 35 7
118 OpenSSH 8.4 8.4 2 5 10 1
119 OpenSSH 8.3 8.3 2 6 10 1
120 OpenSSH 8.2 8.2 2 7 10 1
121 OpenSSH 8.1 8.1 2 5 10 1
122 OpenSSH 8.0 8.0 2 6 10 1
123 OpenSSH 7.9 7.9 2 6 14 1
124 OpenSSH 7.8 7.8 2 6 15 1
125 OpenSSH 7.7 7.7 2 6 16 1
126 OpenSSH 7.6 7.6 2 5 16 1
127 OpenSSH 7.5 7.5 2 5 17 1
128 OpenSSH 7.4 7.4 2 5 17 1
129 OpenSSH 7.3 7.3 2 10 18 1
130 OpenSSH 7.2 7.2p2 March 10, 2016 2 12 20 1
131 OpenSSH 7.1 7.1p2 Jan. 14, 2016 3 13 22 1
132 OpenSSH 7.0 7.0 3 13 22 1
133 OpenSSH 6.9 6.9 3 15 23 2
134 OpenSSH 6.8 6.8 3 15 24 2
135 OpenSSH 6.7 6.7 3 13 22 2
136 OpenSSH 6.6 6.6 3 13 23 2
137 OpenSSH 6.5 6.5 3 13 24 2
138 OpenSSH 6.4 6.4 3 14 24 2
139 OpenSSH 6.3 6.3 3 14 25 2
140 OpenSSH 6.2 6.2p2 May 16, 2013 3 14 25 2
141 OpenSSH 6.1 6.1 3 13 25 2
142 OpenSSH 6.0 6.0 3 13 25 2
143 OpenSSH 5.9 5.9 3 13 25 2
144 OpenSSH 5.8p2 5.8p2 3 12 24 2
145 OpenSSH 5.8 5.8p2 May 3, 2011 3 13 25 4
146 OpenSSH 5.7 5.7 3 13 26 4
147 OpenSSH 5.6 5.6 3 14 25 5
148 OpenSSH 5.5 5.5 3 14 24 5
149 OpenSSH 5.4 5.4 3 14 24 5
150 OpenSSH 5.3 5.3 3 13 24 5
151 OpenSSH 5.2 5.2 3 13 24 5
152 OpenSSH 5.1 5.1 3 13 24 5
153 OpenSSH 5.0 5.0 3 13 24 6
154 OpenSSH 4.9 4.9 3 13 24 6
155 OpenSSH 4.8 4.8 3 13 26 6
156 OpenSSH 4.7p1 4.7p1 3 13 23 7
157 OpenSSH 4.7 4.7 3 13 25 7
158 OpenSSH 4.6 4.6 3 14 26 6
159 OpenSSH 4.5 4.5 3 16 27 7
160 OpenSSH 4.4p1 4.4p1 3 14 26 6
161 OpenSSH 4.4 4.4 3 17 26 6
162 OpenSSH 4.3p2 4.3p2 3 14 27 6
163 OpenSSH 4.3p1 4.3p1 3 15 26 6
164 OpenSSH 4.3 4.3p2 Feb. 11, 2006 3 18 29 6
165 OpenSSH 4.2p1 4.2p1 3 15 27 6
166 OpenSSH 4.2 4.2 3 18 27 6
167 OpenSSH 4.1p1 4.1p1 3 15 28 6
168 OpenSSH 4.1 4.1 3 18 28 7
169 OpenSSH 4.0p1 4.0p1 3 15 28 6
170 OpenSSH 4.0 4.0 3 18 30 6
171 OpenSSH 3.9 3.9.1p1 3 18 29 7
172 OpenSSH 3.8 3.8.1p1 3 18 30 7
173 OpenSSH 3.7 3.7.1p2 3 23 30 7
174 OpenSSH 3.6 3.6.1p2 3 23 31 7
175 OpenSSH 3.5p1 3.5p1 3 19 29 7
176 OpenSSH 3.5 3.5 3 22 31 7
177 OpenSSH 3.4p1 3.4p1 3 19 29 7
178 OpenSSH 3.4 3.4 3 22 31 7
179 OpenSSH 3.3p1 3.3p1 3 20 29 7
180 OpenSSH 3.3 3.3 4 23 31 7
181 OpenSSH 3.2 3.2.3p1 4 25 31 7
182 OpenSSH 3.1p1 3.1p1 3 20 29 7
183 OpenSSH 3.1 3.1 4 24 31 7
184 OpenSSH 3.0p1 3.0p1 3 21 29 7
185 OpenSSH 3.0 3.0.2p1 5 26 32 7
186 OpenSSH 2.9p2 2.9p2 5 25 28 6
187 OpenSSH 2.9p1 2.9p1 5 25 28 6
188 OpenSSH 2.9 2.9p2 June 17, 2001 4 29 29 6
189 OpenSSH 2.5 2.5.2p2 March 22, 2001 4 29 29 6
190 OpenSSH 2.3 2.3.0p1 Nov. 6, 2000 4 29 30 6
191 OpenSSH 2.2 2.2.0p1 Sept. 1, 2000 4 31 29 6
192 OpenSSH 2.1 2.1.1p4 July 16, 2000 4 31 30 6
193 OpenSSH 2 OpenSSH 2.9.9 Sept. 25, 2001 5 32 31 6
194 OpenSSH 1.5 1.5.8 3 25 27 6
195 OpenSSH 1.3 1.3 3 25 27 6
196 OpenSSH 1.2 1.2.3p1 March 24, 2000 3 29 33 7
197 OpenSSH 1 OpenSSH 1.2.3p1 March 24, 2000 3 29 33 7
198 OpenSSH - - 3 24 31 7
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
111 -
5.0
MEDIUM The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers t… NVD-CWE-Other
CVE-2001-1382 cpe:2.3:a:openbsd:openssh:*:* 2.9.9p2 2008-09-6 05:26
2001-09-27
Show GitHub Exploit DB Packet Storm
112 -
2.1
LOW libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabiliti… NVD-CWE-Other
CVE-2001-1029 cpe:2.3:a:openbsd:openssh:4.5:* 2017-10-10 10:29
2001-09-20
Show GitHub Exploit DB Packet Storm
113 -
7.5
HIGH The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) pass… NVD-CWE-Other
CVE-2001-0572 cpe:2.3:a:openbsd:openssh:4.5:* 2008-09-6 05:24
2001-08-22
Show GitHub Exploit DB Packet Storm
114 -
7.2
HIGH OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack. NVD-CWE-Other
CVE-2001-0529 cpe:2.3:a:openbsd:openssh:*:* 2.9 2017-10-10 10:29
2001-08-14
Show GitHub Exploit DB Packet Storm
115 -
4.0
MEDIUM Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or al… CWE-310
Cryptographic Issues
CVE-2001-0361 cpe:2.3:a:openbsd:openssh:2.1:*
cpe:2.3:a:openbsd:openssh:2.1.1:*
cpe:2.3:a:openbsd:openssh:1.2.3:*
2018-05-3 10:29
2001-06-27
Show GitHub Exploit DB Packet Storm
116 -
7.5
HIGH OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam… NVD-CWE-Other
CVE-2001-1459 cpe:2.3:a:openbsd:openssh:2.9:*
cpe:2.3:a:openbsd:openssh:2.5:*
cpe:2.3:a:openbsd:openssh:2.5.2:*
cpe:2.3:a:op…
2017-07-11 10:29
2001-06-19
Show GitHub Exploit DB Packet Storm
117 -
10.0
HIGH CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. NVD-CWE-Other
CVE-2001-0144 cpe:2.3:a:openbsd:openssh:2.2:*
cpe:2.3:a:openbsd:openssh:2.1:*
cpe:2.3:a:openbsd:openssh:2.1.1:*
cpe:2.3:a:op…
2018-05-3 10:29
2001-03-12
Show GitHub Exploit DB Packet Storm
118 -
7.5
HIGH OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to t… NVD-CWE-Other
CVE-2000-1169 cpe:2.3:a:openbsd:openssh:2.2:* 2017-10-10 10:29
2001-01-9
Show GitHub Exploit DB Packet Storm
119 -
5.0
MEDIUM Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. NVD-CWE-Other
CVE-2000-0992 cpe:2.3:a:openbsd:openssh:1.2:*
cpe:2.3:a:openbsd:openssh:1.2.3:*
2018-05-3 10:29
2000-12-19
Show GitHub Exploit DB Packet Storm
120 -
10.0
HIGH Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges. NVD-CWE-Other
CVE-2000-0999 cpe:2.3:a:openbsd:openssh:4.5:* 2008-09-6 05:22
2000-12-11
Show GitHub Exploit DB Packet Storm