📦 Wolfssh

A critical authentication bypass vulnerability in wolfSSH's key exchange state machine allows attackers to manipulate the authentication process. This can lead to password disclosure, bogus signature ...

This CVE describes a stack buffer overflow vulnerability in wolfSSH's SFTP server when processing malicious packets with oversized handles. Attackers could execute arbitrary code or crash the service....

An improper host authentication vulnerability in wolfSSH clients up to version 1.4.20 allows attackers to bypass authentication and potentially leak client credentials. This affects any system using v...

This vulnerability in wolfSSH allows malicious clients to create SSH channels without authenticating first, leading to unauthorized access to SSH server functionality. It affects all systems running v...

CVE-2022-32073 is an integer overflow vulnerability in WolfSSH's SFTP server component that can lead to buffer overflow and potential remote code execution. This affects systems running WolfSSH v1.4.7...

This heap buffer over-read vulnerability in wolfSSH's wolfSSH_CleanPath() function allows authenticated remote attackers to read one byte beyond allocated memory boundaries via crafted SCP paths conta...