{"vulnerability": "CVE-2019-16905", "sightings": [{"uuid": "7a1ff36c-c08d-4a81-be24-e62c4ede63b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-16905", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12371", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2019-16905\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.\n\ud83d\udccf Published: 2019-10-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T20:59:26.573Z\n\ud83d\udd17 References:\n1. https://www.openssh.com/releasenotes.html\n2. https://www.openwall.com/lists/oss-security/2019/10/09/1\n3. https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshkey-xmss.c.diff?r1=1.5&r2=1.6&f=h\n4. https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshkey-xmss.c\n5. https://bugzilla.suse.com/show_bug.cgi?id=1153537\n6. https://ssd-disclosure.com/archives/4033/ssd-advisory-openssh-pre-auth-xmss-integer-overflow\n7. https://security.netapp.com/advisory/ntap-20191024-0003/\n8. https://security.gentoo.org/glsa/201911-01\n9. https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "creation_timestamp": "2025-04-17T21:58:32.000000Z"}, {"uuid": "2aef626b-de01-44eb-b6eb-50810a3e4675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-16905", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/10586", "content": "Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp filtered ssh no-response Nmap scan report for static.252.140.201.138.clients.your-server.de (138.201.140.252) Host is up, received user-set (0.23s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.0 (protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:8.0: | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC 9.8 https://vulners.com/githubexploit/8AD01159-548E-546E-AA87-2DE89F3927EC *EXPLOIT* | 5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A 9.8 https://vulners.com/githubexploit/5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A *EXPLOIT* | 0221525F-07F5-5790-912D-F4B9E2D1B587 9.8 https://vulners.com/githubexploit/0221525F-07F5-5790-912D-F4B9E2D1B587 *EXPLOIT* | CVE-2020-15778 7.8 https://vulners.com/cve/CVE-2020-15778 | CVE-2019-16905 7.8 https://vulners.com/cve/CVE-2019-16905 | SSV:92579 7.5 https://vulners.com/seebug/SSV:92579 *EXPLOIT* | PACKETSTORM:173661 7.5 https://vulners.com/packetstorm/PACKETSTORM:173661 *EXPLOIT* | F0979183-AE88-53B4-86CF-3AF0523F3807 7.5 https://vulners.com/githubexploit/F0979183-AE88-53B4-86CF-3AF0523F3807 *EXPLOIT* | 1337DAY-ID-26576 7.5 https://vulners.com/zdt/1337DAY-ID-26576*EXPLOIT* | CVE-2021-41617 7.0 https://vulners.com/cve/CVE-2021-41617 | PACKETSTORM:189283 6.8 https://vulners.com/packetstorm/PACKETSTORM:189283 *EXPLOIT* | F79E574D-30C8-5C52-A801-66FFA0610BAA 6.8 https://vulners.com/githubexploit/F79E574D-30C8-5C52-A801-66FFA0610BAA *EXPLOIT* | CVE-2025-26465 6.8 https://vulners.com/cve/CVE-2025-26465 | C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 |_ PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* Final times for host: srtt: 227656 rttvar: 227656 to: 300000 Nmap scan report for static.253.140.201.138.clients.your-server.de (138.201.140.253) Host is up, received user-set", "creation_timestamp": "2025-04-01T08:49:50.000000Z"}, {"uuid": "dc0d4802-f9d2-43c3-aa48-26fbaef0919a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-16905", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/2973", "content": "Scanned at 2025-04-01 14:37:41 +08 for 166s PORT STATE SERVICE REASON VERSION 22/tcp filtered ssh no-response Nmap scan report for static.252.140.201.138.clients.your-server.de (138.201.140.252) Host is up, received user-set (0.23s latency). Scanned at 2025-04-01 14:37:41 +08 for 186s PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.0 (protocol 2.0) | vulners: | cpe:/a:openbsd:openssh:8.0: | CVE-2023-38408 9.8 https://vulners.com/cve/CVE-2023-38408 | B8190CDB-3EB9-5631-9828-8064A1575B23 9.8 https://vulners.com/githubexploit/B8190CDB-3EB9-5631-9828-8064A1575B23 *EXPLOIT* | 8FC9C5AB-3968-5F3C-825E-E8DB5379A623 9.8 https://vulners.com/githubexploit/8FC9C5AB-3968-5F3C-825E-E8DB5379A623 *EXPLOIT* | 8AD01159-548E-546E-AA87-2DE89F3927EC 9.8 https://vulners.com/githubexploit/8AD01159-548E-546E-AA87-2DE89F3927EC *EXPLOIT* | 5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A 9.8 https://vulners.com/githubexploit/5E6968B4-DBD6-57FA-BF6E-D9B2219DB27A *EXPLOIT* | 0221525F-07F5-5790-912D-F4B9E2D1B587 9.8 https://vulners.com/githubexploit/0221525F-07F5-5790-912D-F4B9E2D1B587 *EXPLOIT* | CVE-2020-15778 7.8 https://vulners.com/cve/CVE-2020-15778 | CVE-2019-16905 7.8 https://vulners.com/cve/CVE-2019-16905 | SSV:92579 7.5 https://vulners.com/seebug/SSV:92579 *EXPLOIT* | PACKETSTORM:173661 7.5 https://vulners.com/packetstorm/PACKETSTORM:173661 *EXPLOIT* | F0979183-AE88-53B4-86CF-3AF0523F3807 7.5 https://vulners.com/githubexploit/F0979183-AE88-53B4-86CF-3AF0523F3807 *EXPLOIT* | 1337DAY-ID-26576 7.5 https://vulners.com/zdt/1337DAY-ID-26576*EXPLOIT* | CVE-2021-41617 7.0 https://vulners.com/cve/CVE-2021-41617 | PACKETSTORM:189283 6.8 https://vulners.com/packetstorm/PACKETSTORM:189283 *EXPLOIT* | F79E574D-30C8-5C52-A801-66FFA0610BAA 6.8 https://vulners.com/githubexploit/F79E574D-30C8-5C52-A801-66FFA0610BAA *EXPLOIT* | CVE-2025-26465 6.8 https://vulners.com/cve/CVE-2025-26465 | C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 *EXPLOIT* | 1337DAY-ID-39918 6.8 https://vulners.com/zdt/1337DAY-ID-39918*EXPLOIT* | 10213DBE-F683-58BB-B6D3-353173626207 6.8 https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207 *EXPLOIT* | CVE-2023-51385 6.5 https://vulners.com/cve/CVE-2023-51385 | CVE-2023-48795 5.9 https://vulners.com/cve/CVE-2023-48795 | CVE-2020-14145 5.9 https://vulners.com/cve/CVE-2020-14145 | 54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C 5.9 https://vulners.com/githubexploit/54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C *EXPLOIT* | CVE-2016-20012 5.3 https://vulners.com/cve/CVE-2016-20012 | CVE-2021-36368 3.7 https://vulners.com/cve/CVE-2021-36368 |_ PACKETSTORM:140261 0.0 https://vulners.com/packetstorm/PACKETSTORM:140261 *EXPLOIT* Final times for host: srtt: 227656 rttvar: 227656 to: 300000 Nmap scan report for static.253.140.201.138.clients.your-server.de (138.201.140.253) Host is up, received user-set", "creation_timestamp": "2025-04-01T08:49:51.000000Z"}, {"uuid": "a7ce0df2-74f2-40a6-98d2-c6ca20c31f20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-16905", "type": "seen", "source": "Telegram/u5l-ZaeBoa4rQ-jCnAd-RyTkmBiEwVQkA95tqksDWv2Ihl4", "content": "", "creation_timestamp": "2024-08-26T12:45:39.000000Z"}, {"uuid": "591bbd1c-166a-43eb-9911-45e871644c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-16905", "type": "seen", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/4508", "content": "https://redhat-satellite.si.uvsq.fr/users/login\n\nhttps://193.51.33.54/users/login\n\nCVE-2008-3844, CVE-2020-14145, CVE-2023-48795, CVE-2007-2768, CVE-2021-36368, CVE-2021-41617, CVE-2019-16905, CVE-2023-51385, CVE-2016-20012, CVE-2023-51767, CVE-2020-15778, CVE-2023-38408", "creation_timestamp": "2024-08-25T08:59:44.000000Z"}, {"uuid": "10a55687-1511-4132-9358-3f1f6511640b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-16905", "type": "published-proof-of-concept", "source": "Telegram/0T2mRQjPbxfagt_KULjNMSImpGgUw0PutX0rRmEphKviBA", "content": "", "creation_timestamp": "2022-09-12T09:43:08.000000Z"}, {"uuid": "9593df59-ae2c-480d-a5c9-dcc44e7df839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-16905", "type": "published-proof-of-concept", "source": "Telegram/poS_ZG5aVKSKt_LXha-pFLWHU67v-9VfxvSO9FqtinvTebM", "content": "", "creation_timestamp": "2023-10-12T23:19:46.000000Z"}]}