Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Van Dyke Technologies Subscribe
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0156 1 Van Dyke Technologies 1 Vshell 2017-10-09 2.1 LOW N/A
VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems.
CVE-2006-1038 1 Van Dyke Technologies 2 Securecrt, Securefx 2017-07-19 10.0 HIGH N/A
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string.
CVE-2004-1541 1 Van Dyke Technologies 1 Securecrt 2017-07-10 7.5 HIGH N/A
SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share.
CVE-2001-1466 1 Van Dyke Technologies 1 Securecrt 2017-07-10 7.5 HIGH N/A
Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
CVE-2003-0047 1 Van Dyke Technologies 3 Entunnel, Securecrt, Securefx 2016-10-17 4.6 MEDIUM N/A
SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
CVE-2002-1059 1 Van Dyke Technologies 1 Securecrt 2016-10-17 7.5 HIGH N/A
Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.
CVE-2007-6031 1 Van Dyke Technologies 1 Vshell 2008-11-14 7.8 HIGH N/A
Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
CVE-2001-0155 1 Van Dyke Technologies 1 Vshell 2008-09-05 7.5 HIGH N/A
Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers.