CVSS: 4.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-47203
https://notcve.org/view.php?id=CVE-2025-47203
07 May 2025 — dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used. • https://github.com/mkj/dropbear/blob/master/CHANGES • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 77%CPEs: 79EXPL: 5CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-36369 – Ubuntu Security Notice USN-7292-1
https://notcve.org/view.php?id=CVE-2021-36369
12 Oct 2022 — An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed. Se ha detectado un problema en Dropbear versiones hasta 2020.81. • https://github.com/mkj/dropbear/pull/128 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2022-29245 – Weak private key generation in SSH.NET
https://notcve.org/view.php?id=CVE-2022-29245
31 May 2022 — SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 and 2020.0.1, during an `X25519` key exchange, the client’s private key is generated with `System.Random`. `System.Random` is not a cryptographically secure random number generator, it must therefore not be used for cryptographic purposes. When establishing an SSH connection to a remote host, during the X25519 key exchange, the private key is generated with a weak random number generator whose seed can be brute forced. This allows an att... • https://github.com/sshnet/SSH.NET/blob/bc99ada7da3f05f50d9379f2644941d91d5bf05a/src/Renci.SshNet/Security/KeyExchangeECCurve25519.cs#L51 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45099
https://notcve.org/view.php?id=CVE-2021-45099
16 Dec 2021 — The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-in-depth measure against complex social engineering situations **EN DISPUTA** El servicio addon.stdin en addon-ssh (también se conoce como Home Assistant Community Add-on: SSH & Web Terminal) versiones anteriores a 10.0.0, presenta una... • https://gist.github.com/Eriner/0872628519f70556d2c26c83439a9f67 •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-36254
https://notcve.org/view.php?id=CVE-2020-36254
25 Feb 2021 — scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685. El archivo scp.c en Dropbear versiones anteriores a 2020.79, maneja inapropiadamente un nombre de archivo de . o un nombre de archivo vacío, un problema relacionado con el CVE-2018-20685 • https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12953
https://notcve.org/view.php?id=CVE-2019-12953
30 Dec 2020 — Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599. Dropbear versiones 2011.54 hasta 2018.76, presenta un retraso de fallo inconsistente que puede conllevar a divulgar nombres de usuario válidos, un problema diferente al CVE-2018-15599. • https://matt.ucc.asn.au/dropbear/CHANGES • CWE-203: Observable Discrepancy •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9355 – Debian Security Advisory 4637-1
https://notcve.org/view.php?id=CVE-2020-9355
23 Feb 2020 — danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled. danfruehauf NetworkManager-ssh versiones anteriores a 1.2.11, permite una escalada de privilegios porque las opciones extra son manejadas inapropiadamente. Kobus van Schoor discovered that network-manager-ssh, a plugin to provide VPN integration for SSH in NetworkManager, is prone to a privilege escalation vulnerability. A local user with privileges to modify a connection can take advantage of this... • https://bugzilla.redhat.com/show_bug.cgi?id=1803499 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2659
https://notcve.org/view.php?id=CVE-2017-2659
20 Mar 2019 — It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts. Se ha descubierto que dropbear, en versiones anteriores a la 2013.59 con GSSAPI filtra si un nombre de usuario es válido o no. Cuando se proporciona un nombre de usuario inválido, el error de autenticación de GSSAPI se contó erróneamente hacia el máx... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2659 • CWE-209: Generation of Error Message Containing Sensitive Information CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15599
https://notcve.org/view.php?id=CVE-2018-15599
21 Aug 2018 — The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase. La función recv_msg_userauth_request en svr-auth.c en Dropbear hasta la versión 2018.76 es propensa a una vulnerabilidad de enumeración de usuarios porque la validez de los nombres de usuarios afecta a cómo se manejan los campos en los men... • http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •