cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-6109,https://securityvulnerability.io/vulnerability/CVE-2019-6109,OpenSSH Client Vulnerability in Progress Meter Display,"A vulnerability in OpenSSH 7.9 allows an adversary to exploit the progress display of file transfers. Through crafted object names, a malicious server or Man-in-the-Middle attacker can manipulate the output, potentially obscuring additional files being transferred. This flaw stems from insufficient character encoding within the refresh_progress_meter() function in progressmeter.c, posing risks during data transmission that may go unnoticed by the user.",OpenBSD,"Openssh,Winscp",6.8,MEDIUM,0.002259999979287386,false,,false,false,false,,,false,false,,2019-01-31T00:00:00.000Z,0
CVE-2019-6110,https://securityvulnerability.io/vulnerability/CVE-2019-6110,Arbitrary Output Manipulation in OpenSSH Client - OpenBSD,"OpenSSH 7.9 is susceptible to an issue where it accepts and displays arbitrary stderr output from a connected server. This flaw allows a malicious server or a Man-in-the-Middle (MitM) attacker to manipulate the output experienced by the client. An attacker can employ ANSI control codes to obscure vital information, such as the presence of additional files being transferred, potentially leading to unauthorized data exposure and manipulation.",OpenBSD,"Openssh,Winscp",6.8,MEDIUM,0.004019999876618385,false,,false,false,false,,,false,false,,2019-01-31T00:00:00.000Z,0
CVE-2019-6111,https://securityvulnerability.io/vulnerability/CVE-2019-6111,File Overwrite Vulnerability in OpenSSH Affecting Multiple Platforms,"A vulnerability in the scp implementation of OpenSSH 7.9 allows a malicious scp server or a Man-in-the-Middle attacker to overwrite arbitrary files in the target directory of the scp client. Since scp is derived from the older rcp command from 1983, the server controls which files are sent. The client conducts limited validation of filenames, preventing only directory traversal attacks. Consequently, this flaw can be exploited to overwrite critical files, such as .ssh/authorized_keys, particularly during recursive operations.",OpenBSD,"Openssh,Winscp",5.9,MEDIUM,0.0026599999982863665,false,,false,false,true,2024-07-01T23:07:20.000Z,true,false,false,,2019-01-31T00:00:00.000Z,0
CVE-2018-20685,https://securityvulnerability.io/vulnerability/CVE-2018-20685,,"In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.",OpenBSD,"Openssh,Winscp",5.3,MEDIUM,0.003220000071451068,false,,false,false,false,,,false,false,,2019-01-10T00:00:00.000Z,0