Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2016-7409
The dbclient and server in Dropbear SSH prior to 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -v argument, related to a failed remote ident.
Dropbear Ssh Project Dropbear Ssh
445
VMScore
CVE-2019-12953
Dropbear 2011.54 up to and including 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599.
Dropbear Ssh Project Dropbear Ssh
605
VMScore
CVE-2020-36254
scp.c in Dropbear prior to 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
Dropbear Ssh Project Dropbear Ssh
1 Github repository
445
VMScore
CVE-2017-2659
It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts.
Dropbear Ssh Project Dropbear Ssh
555
VMScore
CVE-2016-3116
CRLF injection vulnerability in Dropbear SSH prior to 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
Dropbear Ssh Project Dropbear Ssh
1 EDB exploit
578
VMScore
CVE-2016-7408
The dbclient in Dropbear SSH prior to 2016.74 allows remote malicious users to execute arbitrary code via a crafted (1) -m or (2) -c argument.
Dropbear Ssh Project Dropbear Ssh
668
VMScore
CVE-2018-14440
An issue exists in cckevincyh SSH CompanyWebsite through 2018-05-03. SQL injection exists via the admin/noticeManageAction_queryNotice.action noticeInfo parameter.
Ssh Companywebsite Project Ssh Companywebsite
668
VMScore
CVE-2007-1099
dbclient in Dropbear SSH client prior to 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote malicious users to conduct man-in-the-middle attacks.
Dropbear Ssh Project Dropbear Ssh
445
VMScore
CVE-2013-4421
The buf_decompress function in packet.c in Dropbear SSH Server prior to 2013.59 allows remote malicious users to cause a denial of service (memory consumption) via a compressed packet that has a large size when it is decompressed.
Dropbear Ssh Project Dropbear Ssh
445
VMScore
CVE-2013-4434
Dropbear SSH Server prior to 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote malicious users to discover valid usernames.
Dropbear Ssh Project Dropbear Ssh
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »