Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openbsd 3.7 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2003-0693
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH prior to 3.7 may allow remote malicious users to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.
Openbsd Openssh
785
VMScore
CVE-2006-4924
sshd in OpenSSH prior to 4.4, when using the version 1 SSH protocol, allows remote malicious users to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Openbsd Openssh 1.2.1
Openbsd Openssh 1.2.2
Openbsd Openssh 1.2.27
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.6
Openbsd Openssh 3.6.1
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1
Openbsd Openssh 4.2
Openbsd Openssh 4.2p1
Openbsd Openssh 1.2
Openbsd Openssh 2.3
Openbsd Openssh 2.5
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
1 EDB exploit
670
VMScore
CVE-2010-4478
OpenSSH 5.6 and previous versions, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote malicious users to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values ...
Openbsd Openssh 5.4
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 5.5
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh 5.3
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.8
Openbsd Openssh 4.9
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
8 Github repositories
632
VMScore
CVE-2008-4609
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote malicious users to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate info...
Cisco Ios 12.0\\(16\\)sc3
Cisco Ios 12.2\\(3.4\\)bp
Cisco Ios 11.2xa
Cisco Ios 12.4\\(2\\)t2
Cisco Ios 12.3ym
Cisco Ios 11.3\\(11b\\)
Linux Linux Kernel 2.3.19
Cisco Ios 12.0\\(21\\)s7
Bsdi Bsd Os 1.1
Cisco Ios 12.1\\(2\\)e1
Cisco Ios 12.1xg
Cisco Ios 12.1\\(19\\)ew
Cisco Ios 12.3\\(14\\)ym4
Cisco Ios 12.0\\(8\\)s1
Linux Linux Kernel 2.6.20.6
Linux Linux Kernel 2.3.31
Cisco Ios 12.2\\(7b\\)
Linux Linux Kernel 2.0.30
Cisco Ios 12.0xc
Cisco Ios 12.3yq
Cisco Ios 10.0
Cisco Ios 12.3\\(10\\)
1 Github repository
446
VMScore
CVE-2010-5107
The default configuration of OpenSSH up to and including 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote malicious users to cause a denial of service (connection-slot exhaustion) by periodically making...
Openbsd Openssh
Openbsd Openssh 5.7
Openbsd Openssh 5.1
Openbsd Openssh 4.2p1
Openbsd Openssh 4.1p1
Openbsd Openssh 4.3
Openbsd Openssh 4.4
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 2.1
Openbsd Openssh 2.9.9
Openbsd Openssh 1.5.7
Openbsd Openssh 1.5.8
Openbsd Openssh 1.2
Openbsd Openssh 5.2
Openbsd Openssh 5.3
2 Github repositories
445
VMScore
CVE-2011-2168
Multiple integer overflows in the glob implementation in libc in OpenBSD prior to 4.9 might allow context-dependent malicious users to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.
Openbsd Openbsd 4.1
Openbsd Openbsd 3.7
Openbsd Openbsd 2.8
Openbsd Openbsd 3.8
Openbsd Openbsd 4.4
Openbsd Openbsd 3.1
Openbsd Openbsd 3.3
Openbsd Openbsd 2.9
Openbsd Openbsd 4.7
Openbsd Openbsd 2.1
Openbsd Openbsd 2.2
Openbsd Openbsd 3.9
Openbsd Openbsd 2.0
Openbsd Openbsd 2.7
Openbsd Openbsd 3.2
Openbsd Openbsd 4.5
Openbsd Openbsd 2.4
Openbsd Openbsd 4.2
Openbsd Openbsd 3.6
Openbsd Openbsd 3.0
Openbsd Openbsd 4.0
Openbsd Openbsd 3.5
1 Github repository
445
VMScore
CVE-2008-4109
A certain Debian patch for OpenSSH prior to 4.3p2-9etch3 on etch; prior to 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote malicious users to cause a deni...
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0.2p1
Openbsd Openssh 2.5
Openbsd Openssh 1.3
Openbsd Openssh 1.5
Openbsd Openssh 3.1p1
Openbsd Openssh 3.0.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 2.5.2
Openbsd Openssh 3.7.1p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.2
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
445
VMScore
CVE-2007-2243
OpenSSH 4.6 and previous versions, when ChallengeResponseAuthentication is enabled, allows remote malicious users to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue t...
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.9.9
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.0p1
Openbsd Openssh 3.1
Openbsd Openssh 3.3p1
Openbsd Openssh 3.4
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.7
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 4.3
Openbsd Openssh 4.3p1
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.2
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.3
445
VMScore
CVE-2006-5052
Unspecified vulnerability in portable OpenSSH prior to 4.4, when running on some platforms, allows remote malicious users to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
Openbsd Openssh 1.2.1
Openbsd Openssh 1.2.2
Openbsd Openssh 2.5
Openbsd Openssh 2.5.1
Openbsd Openssh 3.0
Openbsd Openssh 3.0.1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.8
Openbsd Openssh 4.1p1
Openbsd Openssh 4.2
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.3
445
VMScore
CVE-2005-2798
sshd in OpenSSH prior to 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Openbsd Openssh 3.1p1
Openbsd Openssh 3.2
Openbsd Openssh 3.5
Openbsd Openssh 3.5p1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1
Openbsd Openssh 3.0
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.6
Openbsd Openssh 3.6.1
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0p1
Openbsd Openssh 3.1
Openbsd Openssh 3.4
Openbsd Openssh 3.4p1
Openbsd Openssh 3.7
Openbsd Openssh 3.7.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »