CRITICAL 9.8 CVE-2019-9898 Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
from 0, < 0.70-6
CRITICAL 9.8 CVE-2019-9895 In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
from 0, < 0.70-6
CRITICAL 9.8 The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an…
from 0, < 0.67-3
CRITICAL 9.8 Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to ca…
from 0, < 0.67-1
HIGH 8.1 PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response.
from 0, < 0.74-1+deb11u1
HIGH 7.5 putty - security update
from 0, < 0.73-1
HIGH 7.5 putty - security update
from 0, < 0.74-1+deb11u1~deb10u1
HIGH 7.5 PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboa…
from 0, < 0.73-1
HIGH 7.5 Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
from 0, < 0.70-6
HIGH 7.5 putty - security update
from 0, < 0.70-6
HIGH 7.5 putty - security update
from 0, < 0.67-3+deb9u1
HIGH 7.5 putty - security update
from 0, < 0.63-10+deb8u2
MEDIUM 5.9 PuTTY 0.72 before 0.84 has a double free in RSA KEX.
from 0
MEDIUM 5.9 putty - security update
from 0, < 0.74-1+deb11u2
MEDIUM 5.9 putty - security update
from 0, < 0.74-1+deb11u1~deb10u2
MEDIUM 5.9 erlang - security update
from 0, < 0.74-1+deb11u1
MEDIUM 5.9 erlang - security update
from 0, < 0.74-1+deb11u1
MEDIUM 5.9 PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.
from 0, < 0.74-1
LOW 3.7 PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification.
from 0
LOW 3.1 PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between prox…
from 0
— A vulnerability was detected in PuTTY 0.83.
from 0
— putty - security update
from 0, < 0.66-1
— putty - security update
from 0, < 0.60+2010-02-20-1+squeeze4
— putty - security update
from 0, < 0.62-9+deb7u3
— putty - security update
from 0, < 0.63-10
— putty - security update
from 0, < 0.62-9+deb7u2
— putty - security update
from 0, < 0.60+2010-02-20-1+squeeze3
— PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentic…
from 0, < 0.62-1
— Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a den…
from 0, < 0.63-1
— The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures…
from 0, < 0.63-1
— Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature…
from 0, < 0.63-1
— putty - several
from 0, < 0.63-1
— putty - several
from 0, < 0.60+2010-02-20-1+squeeze2
— PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs crea…
from 0, < 0.59-1
— Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, a…
from 0, < 0.57-1
— Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_D…
from 0, < 0.56-1
— Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via a…
from 0, < 0.56-1
— The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it bac…
from 0, < 0.54-1
— PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with acces…
from 0, < 0.53-b-2003-01-04-1