openbsd
349 tracked vulnerabilities.
CVE-2025-26466
MEDIUM
OpenSSH - Denial of Service via Ping Packet Memory Exhaustion
Feb 28, 2025
CVSS 5.9
EPSS 0.38
CVE-2025-26465
MEDIUM
OpenSSH 6.9-9.7 - Machine-in-the-Middle Attack via VerifyHostKeyDNS Error Handling
Feb 18, 2025
CVSS 6.8
EPSS 0.07
CVE-2024-11149
HIGH
OpenBSD < 7.4 - Denial of Service via vmm(4) GDTR Limits Restoration
Dec 06, 2024
CVSS 7.9
EPSS 0.00
CVE-2024-11148
HIGH
OpenBSD < 7.3 - NULL Pointer Dereference in httpd FastCGI Request Handling
Dec 05, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-10933
MEDIUM
OpenBSD < 7.4 - Path Traversal via Untrusted File System readdir
Dec 05, 2024
CVSS 5.0
EPSS 0.00
CVE-2024-10934
CRITICAL
OpenBSD < 7.4 - Double Free in NFS Client and Server Implementation
Nov 15, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-6387
HIGH
OpenSSH - DoS
Jul 01, 2024
CVSS 8.1
EPSS 1.00
CVE-2024-29937
CRITICAL
OpenBSD and FreeBSD NFS - Remote Code Execution
Apr 11, 2024
CVSS 9.8
EPSS 0.02
CVE-2023-52558
HIGH
OpenBSD < 7.3 - Denial of Service via Network Buffer Split Handling
Mar 01, 2024
CVSS 7.5
EPSS 0.01
CVE-2023-52557
HIGH
OpenBSD < 7.3 - Denial of Service via L2TP AVP Length Mismatch
Mar 01, 2024
CVSS 7.5
EPSS 0.01
CVE-2023-52556
MEDIUM
OpenBSD < 7.4 - Denial of Service via pf(4) State Expiration Race Condition
Mar 01, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-51767
HIGH
OpenSSH through 10.0 - Authentication Bypass via Row Hammer Bit Flip
Dec 24, 2023
CVSS 7.0
EPSS 0.01
CVE-2023-51385
MEDIUM
OpenSSH < 9.6 - OS Command Injection via Shell Metacharacters in Username or Hostname
Dec 18, 2023
CVSS 6.5
EPSS 0.20
CVE-2023-51384
MEDIUM
OpenSSH <9.6 - Privilege Escalation
Dec 18, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-48795
MEDIUM
NUCLEI
OpenSSH <9.6 - Open Redirect
Dec 18, 2023
CVSS 5.9
EPSS 0.93
CVE-2023-40216
MEDIUM
OpenBSD 7.3 - Denial of Service via Crafted DCS or CSI Terminal Escape Sequences
Aug 10, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-38408
CRITICAL
OpenSSH < 9.3p2 - Remote Code Execution via PKCS#11 Untrusted Search Path
Jul 20, 2023
CVSS 9.8
EPSS 0.77
CVE-2023-35784
CRITICAL
LibreSSL < 3.6.3 and 3.7.x < 3.7.3 - Use-After-Free in SSL_clear
Jun 16, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-29323
HIGH
OpenSMTPD < 7.0.0 - Denial of Service via Local Scoped IPv6 Address Handling
Apr 04, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-28531
CRITICAL
OpenSSH <9.3 - Privilege Escalation
Mar 17, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-27567
HIGH
OpenBSD 7.2 - Denial of Service via TCP Packet with Destination Port 0
Mar 03, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-25136
MEDIUM
OpenSSH 9.1 - Unauthenticated Double Free in KEX Algorithms Handling
Feb 03, 2023
CVSS 6.5
EPSS 0.90
CVE-2022-48437
MEDIUM
LibreSSL < 3.6.1 and OpenBSD < 7.2 - Improper Certificate Validation in x509_verify_ctx_add_chain
Apr 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-27882
HIGH
OpenBSD 6.9-7.0 - Heap-Based Buffer Overflow in slaacd via IPv6 Router Advertisement
Mar 25, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27881
HIGH
OpenBSD 6.9-7.0 - Buffer Overflow in slaacd via IPv6 Router Advertisement
Mar 25, 2022
CVSS 7.5
EPSS 0.02
Products
Quick Filters