Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 15 of 15 results


CVE-2019-3855

Medium priority

Some fixes available 2 of 4

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on...

1 affected packages

libssh2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libssh2 Not affected Not affected Not affected Vulnerable Fixed
Show less packages

CVE-2019-3862

Medium priority

Some fixes available 2 of 4

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to...

1 affected packages

libssh2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libssh2 Not affected Not affected Not affected Vulnerable Fixed
Show less packages

CVE-2019-3859

Medium priority

Some fixes available 2 of 4

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or...

1 affected packages

libssh2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libssh2 Not affected Not affected Not affected Vulnerable Fixed
Show less packages

CVE-2016-0787

Medium priority

Some fixes available 4 of 5

The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified...

1 affected packages

libssh2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libssh2 Fixed
Show less packages

CVE-2015-1782

Medium priority

Some fixes available 1 of 4

The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.

1 affected packages

libssh2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libssh2 Not affected Not affected
Show less packages