openbsd

334 tracked vulnerabilities.

CVE-2023-40216 MEDIUM
OpenBSD 7.3 - Denial of Service via Crafted DCS or CSI Terminal Escape Sequences
Aug 10, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-38408 CRITICAL
OpenSSH < 9.3p2 - Remote Code Execution via PKCS#11 Untrusted Search Path
Jul 20, 2023
CVSS 9.8
EPSS 0.65
CVE-2023-35784 CRITICAL
LibreSSL < 3.6.3 and 3.7.x < 3.7.3 - Use-After-Free in SSL_clear
Jun 16, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-29323 HIGH
OpenSMTPD < 7.0.0 - Denial of Service via Local Scoped IPv6 Address Handling
Apr 04, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-28531 CRITICAL
OpenSSH <9.3 - Privilege Escalation
Mar 17, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-27567 HIGH
OpenBSD 7.2 - Denial of Service via TCP Packet with Destination Port 0
Mar 03, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-25136 MEDIUM
OpenSSH 9.1 - Unauthenticated Double Free in KEX Algorithms Handling
Feb 03, 2023
CVSS 6.5
EPSS 0.88
CVE-2022-48437 MEDIUM
LibreSSL < 3.6.1 and OpenBSD < 7.2 - Improper Certificate Validation in x509_verify_ctx_add_chain
Apr 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-27882 HIGH
OpenBSD 6.9-7.0 - Heap-Based Buffer Overflow in slaacd via IPv6 Router Advertisement
Mar 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-27881 HIGH
OpenBSD 6.9-7.0 - Buffer Overflow in slaacd via IPv6 Router Advertisement
Mar 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-35000 LOW
OpenBSD Kernel - Information Disclosure via Uninitialized Memory in Multicast Routing
May 07, 2024
CVSS 3.3
EPSS 0.00
CVE-2021-34999 MEDIUM
OpenBSD Kernel - Information Disclosure via Uninitialized Memory in Multicast Routing
May 07, 2024
CVSS 5.5
EPSS 0.00
CVE-2021-46880 CRITICAL
LibreSSL <3.4.2/OpenBSD <7.0 - Auth Bypass
Apr 15, 2023
CVSS 9.8
EPSS 0.00
CVE-2021-36368 LOW
OpenSSH <8.9 - Privilege Escalation
Mar 13, 2022
CVSS 3.7
EPSS 0.00
CVE-2021-41617 HIGH
OpenSSH 6.2-8.x - Privilege Escalation via AuthorizedKeysCommand and AuthorizedPrincipalsCommand Helper Programs
Sep 26, 2021
CVSS 7.0
EPSS 0.00
CVE-2021-41581 MEDIUM
LibreSSL < 3.4.0 - Stack-based Buffer Over-read in x509_constraints_parse_mailbox
Sep 24, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-28041 HIGH
ssh-agent <8.5 - Use After Free
Mar 05, 2021
CVSS 7.1
EPSS 0.00
CVE-2020-26142 MEDIUM
OpenBSD 6.6 - Network Packet Injection via Fragmented Frame Handling
May 11, 2021
CVSS 5.3
EPSS 0.02
CVE-2020-16088 CRITICAL
OpenBSD < 6.7 - Authentication Bypass in OpenIKED Public Key Check
Jul 28, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-15778 HIGH
OpenSSH <= 8.3p1 - OS Command Injection via scp Destination Argument
Jul 24, 2020
CVSS 7.4
EPSS 0.64
CVE-2020-14145 MEDIUM
OpenSSH 5.7-8.4 - Information Leak via Algorithm Negotiation
Jun 29, 2020
CVSS 5.9
EPSS 0.02
CVE-2020-12062 HIGH
OpenSSH 8.2 - Arbitrary File Overwrite via Malicious Remote Subdirectory
Jun 01, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7247 CRITICAL KEVNUCLEI
OpenSMTPD 6.6 - Remote Code Execution via MAIL FROM Field
Jan 29, 2020
CVSS 9.8
EPSS 0.94
CVE-2019-25049 HIGH
LibreSSL 2.9.1-3.2.1 - Out-of-Bounds Read in asn1_item_print_ctx
Jul 01, 2021
CVSS 7.1
EPSS 0.00
CVE-2019-25048 HIGH
LibreSSL 2.9.1-3.2.1 - Heap-Based Buffer Over-Read in ASN1_item_print
Jul 01, 2021
CVSS 7.1
EPSS 0.00
Products
openbsd 198 openssh 122 libressl 12 OpenSSH 7 opensmtpd 3 OpenBSD 1 ftpd 1 textproc\/isearch 1
Quick Filters
Critical CVEs With Exploits In CISA KEV