CRITICAL9.8CVE-2016-7407The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file. from 0, < 2016.74-1
from 0, < 2012.55-1.3+deb7u1
from 0, < 2016.74-1
HIGH8.8dropbear - security update
from 0, < 2016.74-5
HIGH8.8dropbear - security update
from 0, < 2014.65-1+deb8u2
HIGH8.8The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted (1) -m or (2) -c argument.
from 0, < 2016.74-1
HIGH8.1scp.c in Dropbear before 2020.79 mishandles the filename of .
from 0, < 2020.79-1
HIGH7.5dropbear - security update
from 0, < 2020.81-3+deb11u1
HIGH7.5dropbear - security update
from 0, < 2018.76-5+deb10u2
HIGH7.5It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid.
from 0, < 2013.60-1
MEDIUM6.4CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions…
from 0, < 2016.72-1
MEDIUM5.9erlang - security update
from 0, < 2020.81-3+deb11u1
MEDIUM5.5The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -…
from 0, < 2016.74-1
MEDIUM5.4dropbear - security update
from 0, < 2025.89-1~deb13u1
MEDIUM5.4dropbear - security update
from 0, < 2025.89-1~deb13u1
MEDIUM5.3Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2…
from 0, < 2019.78-1
MEDIUM5.3dropbear - security update
from 0, < 2014.65-1+deb8u3
MEDIUM5.3dropbear - security update
from 0, < 2018.76-4
MEDIUM4.7dropbear - security update
from 0, < 2016.74-5
MEDIUM4.7dropbear - security update
from 0, < 2012.55-1.3+deb7u2
MEDIUM4.5dropbear - security update
from 0, < 2020.81-3+deb11u3
MEDIUM4.5dropbear - security update
from 0, < 2020.81-3+deb11u3
—A vulnerability was determined in mkj Dropbear up to 2025.89.
from 0
—Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the…
from 0, < 2012.55-1.4
—The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory…
from 0, < 2012.55-1.4
—dropbear - use after free
from 0, < 2012.55-1
—dropbear - use after free
from 0, < 0.52-5+squeeze1
—dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remot…
from 0, < 0.49-1
—Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remo…
from 0, < 0.48-1
—scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are ex…
from 0, < 0.48-1
—dropbear - buffer overflow
from 0, < 0.47-1
—dropbear - buffer overflow
from 0, < 0.45-2sarge0
—The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain acce…
from 0, < 0.43-2