Odin HomeODIN logoODIN logo

Products

Cyble Vision
Cyber threat intelligence platform
Cyble Hawk
Threat detection and intelligence capabilities built for federal bodies
AmIBreached
Identify, Prioritize and Mitigate darkweb risks
The Cyber Express
Cyber Security News and Magazine

Search

HostsExposed BucketsExposed Files

Resources

API DocumentationPlatform GuideODIN CLIPostmanSDKs
GoPythonJavaScript

Contact Us

[email protected]

Legal

Terms of ServiceSecurity Disclosure PolicyPrivacy Policy
Leading Threat Intelligence Company
LinkedInTwitter XYoutube
ODIN logoODIN logo
LinkedInGithubMediumTwitter XYoutube
Launch YC: Odin - Attack surface monitoring and internet scanning for everyone
Made with ❤️ from Cupertino

© 2025 Cyble Inc. All Rights Reserved.

182.16.121.28

SummaryCVE DetailsRaw Data
24 Nov 2025, 05:54:48 UTC
CVE-2008-3844
Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
Services

22/ssh

9.3
CVE-2010-4478
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
Services

22/ssh

7.5
CVE-2010-5107
The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
Services

22/ssh

5
CVE-2023-24038
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Services

22/ssh

8.5
CVE-2023-24038
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Services

22/ssh

8.5
CVE-2023-24038
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Services

22/ssh

8.5
CVE-2023-24038
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Services

22/ssh

8.5
Login