Vulnerabilities > Putty > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-04-15 CVE-2024-31497 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures.
5.9
2023-12-18 CVE-2023-48795 Improper Validation of Integrity Check Value vulnerability in multiple products
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack.
5.9
2021-05-21 CVE-2021-33500 Unspecified vulnerability in Putty
PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls.
network
low complexity
putty
5.0
2020-06-29 CVE-2020-14002 Information Exposure Through Discrepancy vulnerability in multiple products
PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.
network
high complexity
putty netapp fedoraproject CWE-203
5.9
2019-10-01 CVE-2019-17068 Injection vulnerability in multiple products
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content.
network
low complexity
putty opensuse CWE-74
5.0
2019-03-21 CVE-2019-9896 Uncontrolled Search Path Element vulnerability in multiple products
In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.
local
low complexity
putty opensuse CWE-427
4.6
2017-01-30 CVE-2016-6167 Untrusted Search Path vulnerability in Putty 0.67
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.
local
putty CWE-426
4.4
2013-08-19 CVE-2013-4852 Numeric Errors vulnerability in multiple products
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
6.8
2013-08-19 CVE-2013-4207 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.
4.3
2013-08-19 CVE-2013-4206 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.
6.8