Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Openssh Number Of NVD 113 CRITICAL 5 HIGH 44 MEDIUM 53 LOW 11
URL https://www.openssh.com/
Explanation It is an SSH implementation developed by the OpenBSD project and used on many Unix and Linux systems.
It can also be used on Windows, as the OpenSSH client can be easily installed.
Tag
  • BSD License
  • オープンソース
Add Information URL
No Type Name URL
1 https://anongit.mindrot.org/openssh
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
71 OpenSSH 9 9.9p2 Feb. 18, 2025 April 8, 2022 2 2 5 0
72 OpenSSH 8 8.9 Feb. 23, 2022 April 17, 2019 2 7 6 1
73 OpenSSH 7 OpenSSH 7.9 Oct. 19, 2018 Aug. 11, 2015 2 12 17 1
74 OpenSSH 6 OpenSSH 6.9 July 1, 2015 April 22, 2012 2 14 23 2
75 OpenSSH 5 OpenSSH 5.9 Sept. 6, 2011 April 3, 2008 2 12 22 6
76 OpenSSH 4 OpenSSH 4.9 March 31, 2008 March 9, 2005 2 18 30 9
77 OpenSSH 3 OpenSSH 3.9 Aug. 18, 2004 Nov. 6, 2001 4 28 30 7
78 OpenSSH 8.4 8.4 1 3 5 1
79 OpenSSH 8.3 8.3 1 4 5 1
80 OpenSSH 8.2 8.2 1 5 5 1
81 OpenSSH 8.1 8.1 1 3 5 1
82 OpenSSH 8.0 8.0 1 4 5 1
83 OpenSSH 7.9 7.9 1 4 9 1
84 OpenSSH 7.8 7.8 1 4 10 1
85 OpenSSH 7.7 7.7 1 4 11 1
86 OpenSSH 7.6 7.6 1 3 11 1
87 OpenSSH 7.5 7.5 1 3 12 1
88 OpenSSH 7.4 7.4 1 3 12 1
89 OpenSSH 7.3 7.3 1 8 13 1
90 OpenSSH 7.2 7.2p2 March 10, 2016 1 10 15 1
91 OpenSSH 7.1 7.1p2 Jan. 14, 2016 2 11 17 1
92 OpenSSH 7.0 7.0 2 11 17 1
93 OpenSSH 6.9 6.9 2 13 18 2
94 OpenSSH 6.8 6.8 2 13 19 2
95 OpenSSH 6.7 6.7 2 11 17 2
96 OpenSSH 6.6 6.6 2 11 18 2
97 OpenSSH 6.5 6.5 2 11 19 2
98 OpenSSH 6.4 6.4 2 12 19 2
99 OpenSSH 6.3 6.3 2 12 20 2
100 OpenSSH 6.2 6.2p2 May 16, 2013 2 12 20 2
101 OpenSSH 6.1 6.1 2 11 20 2
102 OpenSSH 6.0 6.0 2 11 20 2
103 OpenSSH 5.9 5.9 2 11 20 2
104 OpenSSH 5.8p2 5.8p2 2 10 19 2
105 OpenSSH 5.8 5.8p2 May 3, 2011 2 11 20 4
106 OpenSSH 5.7 5.7 2 11 21 4
107 OpenSSH 5.6 5.6 2 12 20 5
108 OpenSSH 5.5 5.5 2 12 19 5
109 OpenSSH 5.4 5.4 2 12 19 5
110 OpenSSH 5.3 5.3 2 11 19 5
111 OpenSSH 5.2 5.2 2 11 19 5
112 OpenSSH 5.1 5.1 2 11 19 5
113 OpenSSH 5.0 5.0 2 11 19 6
114 OpenSSH 4.9 4.9 2 11 19 6
115 OpenSSH 4.8 4.8 2 11 21 6
116 OpenSSH 4.7p1 4.7p1 2 11 18 7
117 OpenSSH 4.7 4.7 2 11 20 7
118 OpenSSH 4.6 4.6 2 12 21 6
119 OpenSSH 4.5 4.5 2 14 22 7
120 OpenSSH 4.4p1 4.4p1 2 12 21 6
121 OpenSSH 4.4 4.4 2 15 21 6
122 OpenSSH 4.3p2 4.3p2 2 12 22 6
123 OpenSSH 4.3p1 4.3p1 2 13 21 6
124 OpenSSH 4.3 4.3p2 Feb. 11, 2006 2 16 24 6
125 OpenSSH 4.2p1 4.2p1 2 13 22 6
126 OpenSSH 4.2 4.2 2 16 22 6
127 OpenSSH 4.1p1 4.1p1 2 13 23 6
128 OpenSSH 4.1 4.1 2 16 23 7
129 OpenSSH 4.0p1 4.0p1 2 13 23 6
130 OpenSSH 4.0 4.0 2 16 25 6
131 OpenSSH 3.9 3.9.1p1 2 16 24 7
132 OpenSSH 3.8 3.8.1p1 2 16 25 7
133 OpenSSH 3.7 3.7.1p2 2 21 25 7
134 OpenSSH 3.6 3.6.1p2 2 21 26 7
135 OpenSSH 3.5p1 3.5p1 2 17 24 7
136 OpenSSH 3.5 3.5 2 20 26 7
137 OpenSSH 3.4p1 3.4p1 2 17 24 7
138 OpenSSH 3.4 3.4 2 20 26 7
139 OpenSSH 3.3p1 3.3p1 2 18 24 7
140 OpenSSH 3.3 3.3 3 21 26 7
141 OpenSSH 3.2 3.2.3p1 3 23 26 7
142 OpenSSH 3.1p1 3.1p1 2 18 24 7
143 OpenSSH 3.1 3.1 3 22 26 7
144 OpenSSH 3.0p1 3.0p1 2 19 24 7
145 OpenSSH 3.0 3.0.2p1 4 24 27 7
146 OpenSSH 2.9p2 2.9p2 4 23 23 6
147 OpenSSH 2.9p1 2.9p1 4 23 23 6
148 OpenSSH 2.9 2.9p2 June 17, 2001 3 27 24 6
149 OpenSSH 2.5 2.5.2p2 March 22, 2001 3 27 24 6
150 OpenSSH 2.3 2.3.0p1 Nov. 6, 2000 3 27 25 6
151 OpenSSH 2.2 2.2.0p1 Sept. 1, 2000 3 29 24 6
152 OpenSSH 2.1 2.1.1p4 July 16, 2000 3 29 25 6
153 OpenSSH 2 OpenSSH 2.9.9 Sept. 25, 2001 4 30 26 6
154 OpenSSH 1.5 1.5.8 2 23 22 6
155 OpenSSH 1.3 1.3 2 23 22 6
156 OpenSSH 1.2 1.2.3p1 March 24, 2000 2 27 28 7
157 OpenSSH 1 OpenSSH 1.2.3p1 March 24, 2000 2 27 28 7
158 OpenSSH - - 2 22 24 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
71 -
5.0 		MEDIUM Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authen… NVD-CWE-Other
CVE-2006-5052 cpe:2.3:a:openbsd:openssh:4.3p1:*
cpe:2.3:a:openbsd:openssh:4.3:*
cpe:2.3:a:openbsd:openssh:4.2p1:*
cpe:2.3:a:… 		2026-04-23 09:35
2006-09-28 		Show GitHub Exploit DB Packet Storm
72 -
7.8 		HIGH sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is no… CWE-399
 Resource Management Errors 		CVE-2006-4924 cpe:2.3:a:openbsd:openssh:4.3p1:*
cpe:2.3:a:openbsd:openssh:4.3:*
cpe:2.3:a:openbsd:openssh:4.2p1:*
cpe:2.3:a:… 		2026-04-23 09:35
2006-09-27 		Show GitHub Exploit DB Packet Storm
73 -
5.0 		MEDIUM OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of s… CWE-399
 Resource Management Errors 		CVE-2006-0883 cpe:2.3:a:openbsd:openssh:3.8.1p1:* 2017-07-20 10:30
2006-03-7 		Show GitHub Exploit DB Packet Storm
74 -
4.6 		MEDIUM scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice. NVD-CWE-Other
CVE-2006-0225 cpe:2.3:a:openbsd:openssh:4.2p1:*
cpe:2.3:a:openbsd:openssh:4.1p1:*
cpe:2.3:a:openbsd:openssh:4.0p1:*
cpe:2.3:… 		2018-10-20 00:43
2006-01-25 		Show GitHub Exploit DB Packet Storm
75 -
5.0 		MEDIUM OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts fu… NVD-CWE-Other
CVE-2005-2797 cpe:2.3:a:openbsd:openssh:4.0:* 2016-12-8 12:00
2005-09-7 		Show GitHub Exploit DB Packet Storm
76 -
5.0 		MEDIUM sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to… NVD-CWE-Other
CVE-2005-2798 cpe:2.3:a:openbsd:openssh:4.1p1:*
cpe:2.3:a:openbsd:openssh:4.0p1:*
cpe:2.3:a:openbsd:openssh:3.9:*
cpe:2.3:a:… 		2018-10-20 00:33
2005-09-7 		Show GitHub Exploit DB Packet Storm
77 -
1.2 		LOW SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that… CWE-255
Credentials Management 		CVE-2005-2666 cpe:2.3:a:openbsd:openssh:3.9:*
cpe:2.3:a:openbsd:openssh:3.9.1p1:*
cpe:2.3:a:openbsd:openssh:3.9.1:*
cpe:2.3:… 		2023-11-7 10:57
2005-08-23 		Show GitHub Exploit DB Packet Storm
78 -
5.0 		MEDIUM sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceed… NVD-CWE-Other
CVE-2004-2069 cpe:2.3:a:openbsd:openssh:3.7.1p2:*
cpe:2.3:a:openbsd:openssh:3.6.1p2:* 		2018-10-20 00:30
2004-12-31 		Show GitHub Exploit DB Packet Storm
79 -
6.8 		MEDIUM sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt wi… CWE-16
Configuration 		CVE-2004-2760 cpe:2.3:a:openbsd:openssh:3.5p1:*
cpe:2.3:a:openbsd:openssh:3.5:* 		2009-01-29 14:37
2004-12-31 		Show GitHub Exploit DB Packet Storm
80 -
6.4 		MEDIUM The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonC… NVD-CWE-Other
CVE-2004-1653 cpe:2.3:a:openbsd:openssh:*:* 3.9 2017-07-11 10:31
2004-08-31 		Show GitHub Exploit DB Packet Storm