30 matches found
CVE-2026-3706
A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...
UBUNTU-CVE-2026-3706
A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...
CVE-2026-3706
A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...
PT-2026-23915
A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...
Linux Distros Unpatched Vulnerability : CVE-2026-3706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. Th...
CVE-2025-40913
Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow. Net::Dropbear embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328...
EUVD-2021-22989
Malware in sbrugna...
EUVD-2017-18018
Malware in sbrugna...
EUVD-2017-11807
Malware in sbrugna...
EUVD-2018-7472
Malware in sbrugna...
EUVD-2017-18017
Malware in sbrugna...
EUVD-2025-8773
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-7408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted 1 -m or 2 -c argument. CVE-2016-7408 Note that Nessu...
Linux Distros Unpatched Vulnerability : CVE-2017-9079
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorizedkeys file format with a command= option. This occur...
Linux Distros Unpatched Vulnerability : CVE-2016-7407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file. CVE-2016-7407 Note that...
Linux Distros Unpatched Vulnerability : CVE-2016-7409
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUGTRACE, allows local users to read process memory via the -v argument, related to...
Linux Distros Unpatched Vulnerability : CVE-2018-15599
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The recvmsguserauthrequest function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how...
CVE-2025-30095
VyOS 1.3 through 1.5 fixed in 1.4.2 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...
CVE-2025-30095
VyOS 1.3 through 1.5 fixed in 1.4.2 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...
CVE-2025-30095
VyOS 1.3 through 1.5 fixed in 1.4.2 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...