Aggregates CVE and security vulnerability intelligence across all ssh-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-1231 | ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server. | [email protected] | 5.0 | 1.48% | 1999-06-09 | 2026-06-16 |
| CVE-1999-1029 | SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | [email protected] | 7.5 | 1.57% | 1999-05-13 | 2026-06-16 |
| CVE-1999-0398 | In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login. | [email protected] | 4.6 | 0.39% | 1999-01-01 | 2026-06-16 |
| CVE-1999-0248 | A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials. | [email protected] | 10.0 | 1.60% | 1999-01-01 | 2026-06-16 |
| CVE-1999-1159 | SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root. | [email protected] | 4.6 | 0.34% | 1998-12-29 | 2026-06-16 |
| CVE-1999-0310 | SSH 1.2.25 on HP-UX allows access to new user accounts. | [email protected] | 7.5 | 1.49% | 1998-09-01 | 2026-06-16 |
| CVE-1999-1085 | SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack." | [email protected] | 5.0 | 3.16% | 1998-06-12 | 2026-06-16 |
| CVE-1999-0013 | Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user. | [email protected] | 8.4 | 1.09% | 1998-01-22 | 2026-06-16 |