openbsd

334 tracked vulnerabilities.

CVE-2019-19726 HIGH
OpenBSD Dynamic Loader chpass Privilege Escalation
Dec 12, 2019
CVSS 7.8
EPSS 0.09
CVE-2019-14899 HIGH
FreeBSD - TCP Stream Injection via VPN Tunnel
Dec 11, 2019
CVSS 7.4
EPSS 0.00
CVE-2019-19522 HIGH
OpenBSD 6.6 - Incorrect Permission Assignment for Critical Resource in S/Key or YubiKey Authentication
Dec 05, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-19521 CRITICAL
OpenBSD 6.6 - Authentication Bypass via -schallenge Username
Dec 05, 2019
CVSS 9.8
EPSS 0.00
CVE-2019-19520 HIGH
OpenBSD 6.6 - Privilege Escalation via LIBGL_DRIVERS_PATH Environment Variable
Dec 05, 2019
CVSS 7.8
EPSS 0.02
CVE-2019-19519 HIGH
OpenBSD 6.6 - Authentication Bypass via su -L Option
Dec 05, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-16905 HIGH
OpenSSH 7.7-7.9 and 8.x < 8.1 - Unauthenticated Remote Code Execution via XMSS Key Parsing Integer Overflow
Oct 09, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-8460 HIGH
OpenBSD <= 6.5 - Denial of Service via TCP SACK Hole Chain
Aug 26, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-6111 MEDIUM
OpenSSH < 7.9 - Arbitrary File Write via Malicious SCP Server
Jan 31, 2019
CVSS 5.9
EPSS 0.54
CVE-2019-6110 MEDIUM
OpenSSH < 7.9 - Terminal Output Manipulation via ANSI Control Codes
Jan 31, 2019
CVSS 6.8
EPSS 0.58
CVE-2019-6109 MEDIUM
OpenSSH < 7.9 - Terminal Output Manipulation via ANSI Control Codes in Progress Display
Jan 31, 2019
CVSS 6.8
EPSS 0.10
CVE-2018-20685 MEDIUM
OpenSSH < 7.9 - Incorrect Authorization via SCP Filename Manipulation
Jan 10, 2019
CVSS 5.3
EPSS 0.03
CVE-2018-15919 MEDIUM
OpenSSH 5.9-7.8 - User Enumeration via GSS2 Authentication
Aug 28, 2018
CVSS 5.3
EPSS 0.02
CVE-2018-15473 MEDIUM
OpenSSH < 7.7 - User Enumeration via Authentication Request Timing
Aug 17, 2018
CVSS 5.3
EPSS 0.90
CVE-2018-14775 MEDIUM
OpenBSD 6.2-6.3 - Local Denial of Service via I/O Port Access Control
Aug 01, 2018
CVSS 5.5
EPSS 0.00
CVE-2018-12434 MEDIUM
LibreSSL <2.6.5, 2.7.x <2.7.4 - Info Disclosure
Jun 15, 2018
CVSS 4.7
EPSS 0.00
CVE-2018-8970 HIGH
LibreSSL 2.7.0 - Improper Certificate Validation via Zero-Length Hostname
Mar 24, 2018
CVSS 7.4
EPSS 0.01
CVE-2017-15906 MEDIUM
OpenSSH < 7.6 - Unauthenticated Arbitrary File Creation in Readonly Mode
Oct 26, 2017
CVSS 5.3
EPSS 0.03
CVE-2017-1000373 MEDIUM
OpenBSD < 6.1 - Uncontrolled Resource Consumption via qsort() Recursion
Jun 19, 2017
CVSS 6.5
EPSS 0.17
CVE-2017-1000372 CRITICAL
OpenBSD < 6.1 - Arbitrary Code Execution via Stack Guard Page Bypass
Jun 19, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-8301 MEDIUM
LibreSSL 2.5.1-2.5.3 - Improper Certificate Validation via SSL_get_verify_result
Apr 27, 2017
CVSS 5.3
EPSS 0.00
CVE-2017-5850 HIGH
OpenBSD httpd - Denial of Service via HTTP Range Header
Mar 27, 2017
CVSS 7.5
EPSS 0.50
CVE-2016-20012 MEDIUM
OpenSSH <= 8.7 - Unauthenticated User Enumeration via Public Key Validation
Sep 15, 2021
CVSS 5.3
EPSS 0.15
CVE-2016-10708 HIGH
OpenSSH < 7.4 - Denial of Service via Out-of-Sequence NEWKEYS Message
Jan 21, 2018
CVSS 7.5
EPSS 0.03
CVE-2016-1908 CRITICAL
OpenSSH <7.2 - Privilege Escalation
Apr 11, 2017
CVSS 9.8
EPSS 0.02
Products
openbsd 198 openssh 122 libressl 12 OpenSSH 7 opensmtpd 3 OpenBSD 1 ftpd 1 textproc\/isearch 1
Quick Filters
Critical CVEs With Exploits In CISA KEV